GTFOBins: A Powerful Tool for Bypassing Security Restrictions
- GTFOBins is a curated list of Unix-like executables that can bypass local security restrictions.
- It can be used to read files, write files, or execute commands in restricted contexts.
- GTFOBins is useful in security and CTF contexts, such as when dealing with restricted shells or sudo access.
The Buzz Score
The Internet’s Verdict: 70% Hyped, 30% Skeptical
What is GTFOBins?
GTFOBins is a list of Unix-like executables that can be used to bypass security restrictions in misconfigured systems.
As one user noted,
Seeing the confusion in the comments I want to provide some examples of situations where this might come up in a security or CTF context:
- You have a restricted shell or other way to execute a restricted set of commands or binaries, often with arbitrary parameters.
Use Cases
GTFOBins can be used in various situations, such as when dealing with restricted shells or sudo access.
For example,
I have used this extensively while playing on hackthebox.eu
Some users are confused about the purpose of GTFOBins, with one user asking,
Is this saying that if you don’t have access to `cat`, instead of `cat /path/to/input-file` you can use `base64 /path/to/input-file | base64 --decode`?
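From the defender's side, the sudo case can be checked directly. The following added example (not from the original page or the GTFOBins project) parses `sudo -l` output and flags rules that grant a watchlisted binary or `ALL`. The function name, the sample output and the watchlist, which is limited to the two binaries this page names, are assumptions.

```python
import re
from pathlib import PurePosixPath

# Binaries named on this page; extend from the GTFOBins list for your own fleet.
WATCHLIST = {"base64", "cat"}

RULE_RE = re.compile(r"^\s*\((?P<runas>[^)]*)\)\s*(?P<rest>.+)$")
TAG_RE = re.compile(r"^(?:(?:NOPASSWD|PASSWD|NOEXEC|EXEC|SETENV|NOSETENV):\s*)+")

# Constructed sample of `sudo -l` output (host, user and rules are made up).
SAMPLE = """\
User deploy may run the following commands on web01:
    (root) NOPASSWD: /usr/bin/base64
    (root) /usr/bin/systemctl restart nginx, /bin/cat /var/log/nginx/*
    (ALL : ALL) ALL
"""


def audit_sudo_l(output, watchlist=WATCHLIST):
    """Return one finding per sudo rule that grants a watchlisted binary or ALL."""
    findings = []
    for line in output.splitlines():
        m = RULE_RE.match(line)
        if not m:
            continue  # header and Defaults lines carry no rule
        nopasswd = False  # a tag stays in effect for later commands on the line
        # Simple split: commands containing an escaped "\," are not handled.
        for cmd in (c.strip() for c in m.group("rest").split(",")):
            tag = TAG_RE.match(cmd)
            if tag:
                if "NOPASSWD:" in tag.group(0):
                    nopasswd = True
                elif "PASSWD:" in tag.group(0):
                    nopasswd = False
                cmd = cmd[tag.end():]
            parts = cmd.split()
            if not parts:
                continue
            if parts[0] == "ALL":
                reason = "every command allowed"
            elif PurePosixPath(parts[0]).name in watchlist:
                # In sudoers, a command listed without arguments accepts any.
                loose = len(parts) == 1 or "*" in cmd
                reason = "watchlisted binary" + (", loose arguments" if loose else "")
            else:
                continue
            findings.append({"runas": m.group("runas"), "command": cmd,
                             "nopasswd": nopasswd, "reason": reason})
    return findings
```

Calling `audit_sudo_l(SAMPLE)` returns three findings; the `systemctl restart nginx` rule is not reported because that binary is not on the watchlist.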
Conclusion
GTFOBins is a powerful tool for bypassing security restrictions in misconfigured systems.
As a former maintainer of one of these tools noted,
Haha, as a former maintainer to one of these tools, it makes me laugh to see someone pop a shell. Creative, nice work, nice resource.