mirror/ GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2024-04-24 02:35:01 +02:00
Code Issues

Avoid the "exploit" verb to reduce confusion

This commit is contained in:
Andrea Cardaci 2020-12-05 17:49:56 +01:00
parent 12b8ceee39
commit 31af1e879f
3 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -3,6 +3,6 @@
[Build Status]: https://travis-ci.org/GTFOBins/GTFOBins.github.io.svg?branch=master
[travis]: https://travis-ci.org/GTFOBins/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
GTFOBins is a curated list of Unix binaries that can used to bypass local security restrictions in misconfigured systems.
Find the project at https://gtfobins.github.io

8
_data/functions.yml
View File

@ -48,9 +48,9 @@ library-load:
suid:
label: SUID
description: |
If the binary has the SUID bit set, it does not drop the elevated privileges and may be exploited to access the file system, escalate or maintain privileged access as a SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on systems like Debian (<= Stretch) that allow the default `sh` shell to run with SUID privileges.
If the binary has the SUID bit set, it does not drop the elevated privileges and may be abused to access the file system, escalate or maintain privileged access as a SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on systems like Debian (<= Stretch) that allow the default `sh` shell to run with SUID privileges.
This example creates a local SUID copy of the binary and runs it to maintain elevated privileges. To exploit an existing SUID binary skip the first command and run the program using its original path.
This example creates a local SUID copy of the binary and runs it to maintain elevated privileges. To interact with an existing SUID binary skip the first command and run the program using its original path.
sudo:
label: Sudo
@ -63,6 +63,6 @@ capabilities:
limited-suid:
label: Limited SUID
description: |
If the binary has the SUID bit set, it may be exploited to access the file system, escalate or maintain access with elevated privileges working as a SUID backdoor. If it is used to run commands (e.g., via `system()`-like invocations) it only works on systems like Debian (<= Stretch) that allow the default `sh` shell to run with SUID privileges.
If the binary has the SUID bit set, it may be abused to access the file system, escalate or maintain access with elevated privileges working as a SUID backdoor. If it is used to run commands (e.g., via `system()`-like invocations) it only works on systems like Debian (<= Stretch) that allow the default `sh` shell to run with SUID privileges.
This example creates a local SUID copy of the binary and runs it to maintain elevated privileges. To exploit an existing SUID binary skip the first command and run the program using its original path.
This example creates a local SUID copy of the binary and runs it to maintain elevated privileges. To interact with an existing SUID binary skip the first command and run the program using its original path.

8
index.md
View File

@ -5,14 +5,14 @@ title: GTFOBins
![logo](/assets/logo.png){:.logo}
GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
GTFOBins is a curated list of Unix binaries that can used to bypass local security restrictions in misconfigured systems.
The project collects legitimate functions of Unix binaries that can be abused to <strike>get the f**k</strike> break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks. See the full list of [functions](/functions/).
This was inspired by the [LOLBAS][] project for Windows.
The project collects legitimate [functions](/functions/) of Unix binaries that can be abused to ~~get the f**k~~ break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks.
GTFOBins is a [collaborative][] project created by [Emilio Pinna][norbemi] and [Andrea Cardaci][cyrus_and] where everyone can [contribute][] with additional binaries and techniques.
If you are looking for Windows binaries you should visit [LOLBAS][].
[functions]: /functions/
[LOLBAS]: https://lolbas-project.github.io/
[collaborative]: https://github.com/GTFOBins/GTFOBins.github.io/graphs/contributors