mirror of
https://github.com/GTFOBins/GTFOBins.github.io.git
synced 2024-11-10 02:11:53 +01:00
48 lines
1.9 KiB
YAML
48 lines
1.9 KiB
YAML
exec-interactive:
|
|
label: Interactive
|
|
description: It executes interactive commands that may be exploited to break out from restricted shells.
|
|
|
|
exec-non-interactive:
|
|
label: Non-interactive
|
|
description: It executes non-interactive commands that may be exploited to break out from restricted shells.
|
|
|
|
suid-enabled:
|
|
label: SUID
|
|
description: It runs with the SUID bit set and may be exploited to escalate or maintain the privileges working as a SUID backdoor. (Note that passing the `-p` option to the shell may be useless or even wrong for certain distributions like Debian that run in privileged mode by default.)
|
|
|
|
suid-limited:
|
|
label: Limited SUID
|
|
description: It runs with the SUID bit set and may be exploited to escalate or maintain the privileges working as a SUID backdoor. This works if the default system shell doesn't drop the SUID privileges, which is usually only valid for Debian Linux systems.
|
|
|
|
sudo-enabled:
|
|
label: Sudo
|
|
description: It runs in privileged context and may be used to escalate or maintain privileges if enabled on `sudo`.
|
|
|
|
download:
|
|
label: Download
|
|
description: It can download remote files.
|
|
|
|
upload:
|
|
label: Upload
|
|
description: It can exfiltrate files on the network.
|
|
|
|
bind-shell:
|
|
label: Bind shell
|
|
description: It can bind a shell to a local port to allow remote network access.
|
|
|
|
reverse-shell:
|
|
label: Reverse shell
|
|
description: It can send back a reverse shell to a listening attacker to open a remote network access.
|
|
|
|
load-library:
|
|
label: Library load
|
|
description: It loads shared libraries that may be used to run code in the binary execution context.
|
|
|
|
bind-shell-non-interactive:
|
|
label: Non-interactive bind shell
|
|
description: It can bind a non-interactive shell to a local port to allow remote network access.
|
|
|
|
reverse-shell-non-interactive:
|
|
label: Non-interactive reverse shell
|
|
description: It can send back a non-interactive reverse shell to a listening attacker to open a remote network access.
|