Graham Helton
befc9935b6
|
2 years ago | |
|---|---|---|
| data | 3 years ago | |
| .gitignore | 4 years ago | |
| LICENSE | 4 years ago | |
| README.md | 2 years ago | |
| README.zh-cn.md | 4 years ago | |
| gtfo.py | 2 years ago | |
| samplelist.txt | 2 years ago | |
| setup.py | 4 years ago | |
README.md
gtfo
This project is forked from https://github.com/t0thkr1s/gtfo.
This is a standalone script written in Python 3 for GTFOBins.
You can search for Unix binaries that can be exploited to bypass system security restrictions.
These binaries can be abused to get the f**k break out of restricted shells, escalate privileges, transfer files, spawn bind and reverse shells, etc...
The functions are from https://github.com/GTFOBins/GTFOBins.github.io and all credit goes to its respective contributors. They are simplified (no need for environmental variables) and syntax highlighted.
Download
git clone https://github.com/grahamhelton/gtfoCheck
Install
The script has 2 dependencies:
You can install these by typing:
python3 setup.py install
Run
Run with -l to check a list of binaries (one per line)
python3 gtfo.py -b binary
python3 gtfo.py -l list.txt
Screenshots
Screenshot 1
Disclaimer
This tool is only for testing and academic purposes and can only be used where strict consent has been given. Do not use it for illegal purposes! It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this tool and software.
License
This project is licensed under the GPLv3 License - see the LICENSE file for details