GTFObins
GTFObins (Get The F*** Out binaries) are a collection of 200+ legitimate Unix binaries that can be abused by an attacker during the post-exploitation phase: https://gtfobins.github.io/
find
It is possible to escalate our privileges via a root SUID bit on the find binary, since it possesses an -exec flag which can be used to spawn a reverse shell.
find /tmp -exec /bin/sh -p \;
will execute a shell (/bin/sh) by injecting it into the -exec option of the find command.
vim
One can use vim to spawn a shell; this can be used to escape restricted shells or even privesc if *really* misconfigured. First the shell option must be defined using :set shell=/bin/bash, and then the shell command executed via :shell.

awk
The awk utility is commonly used to manipulate text files. However, it can also be used to execute commands by injecting code into a script file.
awk 'BEGIN {system("/bin/sh")}'
will execute a shell (/bin/sh) by injecting it into an awk script.
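
To check a host for the misconfiguration these techniques rely on, the following added example (not part of the original page) lists set-uid or set-gid copies of the three binaries covered above. The function name `audit_suid` and the name patterns (including `vim.*` and the awk variants) are assumptions, not the full GTFOBins catalogue.

```shell
#!/bin/sh
# Added example: flag set-uid / set-gid copies of find, vim and awk.
# The name patterns below are an assumed short watchlist built from this
# page; extend them with the other binaries you care about.

# audit_suid DIR...
# Prints one `ls -ld` line (mode, owner, group, path) for every regular file
# under the given directories that carries the set-uid (4000) or set-gid
# (2000) bit and whose basename matches the watchlist.
audit_suid() {
    # -xdev keeps the scan on the starting filesystem; unreadable
    # directories are skipped silently.
    find "$@" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r path; do
        case ${path##*/} in
            # vim is often installed as vim.basic, vim.tiny, etc.;
            # awk may be provided by gawk, mawk or nawk.
            find|vim|vim.*|awk|gawk|mawk|nawk)
                ls -ld -- "$path"
                ;;
        esac
    done
}

# When run as a script with arguments, scan those directories, e.g.:
#   sh audit_suid.sh /usr/bin /usr/local/bin /bin /sbin
# After reviewing a hit, the bit can be removed with: chmod u-s,g-s PATH
if [ "$#" -gt 0 ]; then
    audit_suid "$@"
fi
```

Any line this prints for a root-owned file means the commands shown above would run with root privileges on that host.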