dash/GTFOBins.github.io
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
631 Commits 1 Branch 0 Tags
edc8a2d03da03caf8e0b698938f6c0895a395964
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Syed Umar Arfeen edc8a2d03d Adding another usage of Nmap's SUID 
I came along with this method on stackoverflow while trying to execute commands using a SUID nmap binary, though `--script` failed me but this works. Could be enough to demonstrate effect of using SUID on Nmap. 

I've yet to come up with a way to over-write the contents of the system file according to what we want, with this we can only over-write files with nmap output.

```bash
sudo touch /etc/filecantbetouched
nmap 127.0.0.1 -oN=/etc/filecantbetouched
cat /etc/filecantbetouched
```
2021-01-04 12:16:29 +05:00
_data
Avoid the "exploit" verb to reduce confusion
2020-12-05 17:52:03 +01:00
_gtfobins
Adding another usage of Nmap's SUID
2021-01-04 12:16:29 +05:00
_includes
Fix query input trailing spaces
2020-02-07 00:19:24 +01:00
_layouts
Use the more clean install command to create example SUIDs
2020-12-20 22:20:45 +01:00
assets
Style function filters differently
2018-10-09 16:13:16 +02:00
scripts
Fix JSON schema validation to match full function names
2020-05-13 19:36:59 +02:00
_config.yml
Add a simple YAML schema validation test
2018-08-31 15:50:54 +02:00
.gitignore
First commit
2018-05-21 20:14:41 +01:00
.travis.yml
Fix TravisCI
2018-08-31 18:18:08 +02:00
.yamllint
Fix YAMLs according to YAMLlint
2018-07-16 15:01:50 +02:00
contribute.md
Use HTTPS for the link yaml.org
2020-11-29 12:59:57 +01:00
CONTRIBUTING.md
Update link in the CONTRIBUTING
2018-05-21 22:11:01 +02:00
functions.md
First commit
2018-05-21 20:14:41 +01:00
Gemfile
First commit
2018-05-21 20:14:41 +01:00
Gemfile.lock
Update Gemfile.lock
2020-08-09 11:58:44 +02:00
index.md
Add yet another clarification
2020-12-05 19:31:46 +01:00
LICENSE
Add LICENSE
2019-12-28 18:35:26 +01:00
Makefile
Fix warning in yamllint (changed usage?)
2020-03-22 13:01:26 +01:00
README.md
Avoid the "exploit" verb to reduce confusion
2020-12-05 17:52:03 +01:00

README.md

GTFOBins Build Status

GTFOBins is a curated list of Unix binaries that can used to bypass local security restrictions in misconfigured systems.

Find the project at https://gtfobins.github.io

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 700 KiB
Languages
HTML 57.9%
SCSS 26%
Python 11%
TeX 3.5%
Makefile 1.3%
Other 0.3%