mirror/GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2026-01-24 00:48:01 +01:00
Code Issues
Curated list of Unix binaries that can be exploited to bypass system security restrictions https://gtfobins.github.io/
631 Commits 2 Branches 0 Tags 6 MiB
HTML 61.1%
SCSS 19%
Python 15.7%
Makefile 2.6%
Shell 1.1%
Other 0.4%
edc8a2d03d
Go to file
Syed Umar Arfeen edc8a2d03d
Adding another usage of Nmap's SUID 
I came along with this method on stackoverflow while trying to execute commands using a SUID nmap binary, though `--script` failed me but this works. Could be enough to demonstrate effect of using SUID on Nmap. 

I've yet to come up with a way to over-write the contents of the system file according to what we want, with this we can only over-write files with nmap output.

```bash
sudo touch /etc/filecantbetouched
nmap 127.0.0.1 -oN=/etc/filecantbetouched
cat /etc/filecantbetouched
```
2021-01-04 12:16:29 +05:00
_data Avoid the "exploit" verb to reduce confusion 2020-12-05 17:52:03 +01:00
_gtfobins Adding another usage of Nmap's SUID 2021-01-04 12:16:29 +05:00
_includes Fix query input trailing spaces 2020-02-07 00:19:24 +01:00
_layouts Use the more clean install command to create example SUIDs 2020-12-20 22:20:45 +01:00
assets Style function filters differently 2018-10-09 16:13:16 +02:00
scripts Fix JSON schema validation to match full function names 2020-05-13 19:36:59 +02:00
_config.yml Add a simple YAML schema validation test 2018-08-31 15:50:54 +02:00
.gitignore First commit 2018-05-21 20:14:41 +01:00
.travis.yml Fix TravisCI 2018-08-31 18:18:08 +02:00
.yamllint Fix YAMLs according to YAMLlint 2018-07-16 15:01:50 +02:00
contribute.md Use HTTPS for the link yaml.org 2020-11-29 12:59:57 +01:00
CONTRIBUTING.md Update link in the CONTRIBUTING 2018-05-21 22:11:01 +02:00
functions.md First commit 2018-05-21 20:14:41 +01:00
Gemfile First commit 2018-05-21 20:14:41 +01:00
Gemfile.lock Update Gemfile.lock 2020-08-09 11:58:44 +02:00
index.md Add yet another clarification 2020-12-05 19:31:46 +01:00
LICENSE Add LICENSE 2019-12-28 18:35:26 +01:00
Makefile Fix warning in yamllint (changed usage?) 2020-03-22 13:01:26 +01:00
README.md Avoid the "exploit" verb to reduce confusion 2020-12-05 17:52:03 +01:00

README.md

GTFOBins Build Status

GTFOBins is a curated list of Unix binaries that can used to bypass local security restrictions in misconfigured systems.

Find the project at https://gtfobins.github.io