0x1 Posted January 15, 2020 Share Posted January 15, 2020 GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions. This is the hidden content, please Sign In or Sign Up The project collects legitimate functions of Unix binaries that can be abused to get the f**k break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks. See the full list of functions. This was inspired by the LOLBAS project for Windows. GTFOBins is a collaborative project created by norbemi and cyrus_and where everyone can contribute with additional binaries and techniques. This is the hidden content, please Sign In or Sign Up gtfo This is the hidden content, please Sign In or Sign Up This is a standalone script written in Python 3 for GTFOBins. You can search for Unix binaries that can be exploited to bypass system security restrictions. These binaries can be abused to get the f**k break out of restricted shells, escalate privileges, transfer files, spawn bind and reverse shells, etc... The functions are from This is the hidden content, please Sign In or Sign Up and all credit goes to its respective contributors. They are simplified (no need for environmental variables) and syntax highlighted. This is the hidden content, please Sign In or Sign Up Download This is the hidden content, please Sign In or Sign Up Install The script has 2 dependencies: colorama pygments You can install these by typing: This is the hidden content, please Sign In or Sign Up Run This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts