diff --git a/_gtfobins/tcpdump.md b/_gtfobins/tcpdump.md index 3df01aa..e3ec96f 100644 --- a/_gtfobins/tcpdump.md +++ b/_gtfobins/tcpdump.md @@ -1,16 +1,16 @@ --- -description: These require some traffic to be actually captured. +description: These require some traffic to be actually captured. Also note that the subprocess is killed when `tcpdump` terminates. functions: execute-non-interactive: - code: | - COMMAND='id > /tmp/output' + COMMAND='id' TF=$(mktemp) echo "$COMMAND" > $TF chmod +x $TF tcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TF sudo-enabled: - code: | - COMMAND='id > /tmp/output' + COMMAND='id' TF=$(mktemp) echo "$COMMAND" > $TF chmod +x $TF