GTFOBins
Star

GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.

The project collects legitimate functions of Unix binaries that can be abused to ~~get the f**k~~ break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks. See the full list of functions.

This was inspired by the LOLBins project for Windows.

GTFOBins is a collaborative project created by norbemi and cyrus_and where everyone can contribute with additional binaries and techniques.

Binary	Functions
apt-get	Shell Sudo
apt	Shell Sudo
aria2c	Command SUID Sudo
arp	File read SUID Sudo
ash	Shell File write SUID Sudo
awk	Shell Non-interactive reverse shell Non-interactive bind shell File write File read Sudo Limited SUID
base64	File read SUID Sudo
bash	Shell Reverse shell File upload File download File write File read SUID Sudo
busybox	Shell File upload File write File read SUID Sudo
cancel	File upload
cat	File read SUID Sudo
chmod	SUID Sudo
chown	SUID Sudo
cp	SUID Sudo
cpan	Shell Reverse shell File upload File download Sudo
cpulimit	Shell Sudo
crontab	Command Sudo
csh	Shell File write SUID Sudo
curl	File upload File download File read SUID Sudo
cut	File read SUID Sudo
dash	Shell File write SUID Sudo
date	File read SUID Sudo
dd	File write File read SUID Sudo
diff	File read SUID Sudo
dmesg	Sudo
dmsetup	SUID Sudo
dnf	Sudo
docker	SUID Sudo
dpkg	Sudo
easy_install	Shell Reverse shell File upload File download File write File read Library load Sudo
ed	Shell File write File read Sudo Limited SUID
emacs	Shell File write File read SUID Sudo
env	Shell SUID Sudo
expand	File read SUID Sudo
expect	Shell SUID Sudo
facter	Shell Sudo
file	File read SUID Sudo
find	Shell SUID Sudo
finger	File upload File download
flock	Shell SUID Sudo
fmt	File read SUID Sudo
fold	File read SUID Sudo
ftp	Shell File upload File download Sudo
gdb	Shell Reverse shell File upload File download File write File read Library load SUID Sudo Capabilities
gimp	Shell Reverse shell File upload File download File write File read Library load SUID Sudo
git	Shell Sudo Limited SUID
grep	File read SUID Sudo
head	File read SUID Sudo
ionice	Shell SUID Sudo
ip	File read SUID Sudo
irb	Shell Reverse shell File upload File download File write File read Library load Sudo
jjs	Shell Reverse shell File download File write File read SUID Sudo
journalctl	Shell Sudo
jq	File read SUID Sudo
jrunscript	Shell Reverse shell File download File write File read SUID Sudo
ksh	Shell Reverse shell File upload File download File write File read SUID Sudo
ld.so	Shell SUID Sudo
less	Shell File write File read SUID Sudo
logsave	Shell SUID Sudo
ltrace	Shell Sudo
lua	Shell Non-interactive reverse shell Non-interactive bind shell File upload File download File write File read Sudo Limited SUID
mail	Shell Sudo
make	Shell File write SUID Sudo
man	Shell File read Sudo
more	Shell File read SUID Sudo
mount	Sudo
mtr	File read Sudo
mv	SUID Sudo
mysql	Shell Sudo Limited SUID
nano	Shell File write File read SUID Sudo
nc	Reverse shell Bind shell File upload File download Sudo Limited SUID
nice	Shell SUID Sudo
nl	File read SUID Sudo
nmap	Shell Non-interactive reverse shell Non-interactive bind shell File upload File download File write File read Sudo Limited SUID
node	Shell Reverse shell Bind shell SUID Sudo Capabilities
od	File read SUID Sudo
openssl	Reverse shell File upload File download File write File read SUID Sudo
perl	Shell Reverse shell SUID Sudo Capabilities
pg	Shell File read SUID Sudo
php	Shell Command Reverse shell File upload File download SUID Sudo Capabilities
pic	Shell Sudo Limited SUID
pico	Shell File write File read SUID Sudo
pip	Shell Reverse shell File upload File download File write File read Library load Sudo
puppet	Shell File write File read Sudo
python	Shell Reverse shell File upload File download File write File read Library load SUID Sudo Capabilities
readelf	File read SUID Sudo
red	File write File read Sudo
rlogin	File upload
rlwrap	Shell File write SUID Sudo
rpm	Shell SUID Sudo
rpmquery	Shell SUID Sudo
rsync	Shell SUID Sudo
ruby	Shell Reverse shell File upload File download File write File read Library load Sudo Capabilities
run-mailcap	Shell File write File read Sudo
run-parts	Shell SUID Sudo
rvim	Shell Reverse shell Non-interactive reverse shell Non-interactive bind shell File upload File download File write File read Library load SUID Sudo Capabilities Limited SUID
scp	Shell File upload File download Sudo Limited SUID
screen	Shell File write Sudo
script	Shell File write Sudo
sed	Shell Command File write File read SUID Sudo
setarch	Shell SUID Sudo
sftp	Shell File upload File download Sudo
shuf	File write SUID
smbclient	Shell File upload File download Sudo
socat	Reverse shell Bind shell Sudo Limited SUID
sort	File read SUID Sudo
sqlite3	Shell File write File read Sudo Limited SUID
ssh	Shell File upload File download File read Sudo
start-stop-daemon	Shell SUID Sudo
stdbuf	Shell SUID Sudo
strace	Shell SUID Sudo
systemctl	SUID Sudo
tail	File read SUID Sudo
tar	Shell File write File read Sudo Limited SUID
taskset	Shell SUID Sudo
tclsh	Shell Non-interactive reverse shell SUID Sudo
tcpdump	Command Sudo
tee	File write SUID Sudo
telnet	Shell Reverse shell Sudo Limited SUID
tftp	File upload File download SUID Sudo
time	Shell SUID Sudo
timeout	Shell SUID Sudo
ul	File read SUID Sudo
unexpand	File read SUID Sudo
uniq	File read SUID Sudo
unshare	Shell SUID Sudo
vi	Shell File write File read Sudo
vim	Shell Reverse shell Non-interactive reverse shell Non-interactive bind shell File upload File download File write File read Library load SUID Sudo Capabilities Limited SUID
watch	Shell SUID Sudo Limited SUID
wget	File upload File download SUID Sudo
whois	File upload File download
wish	Shell Non-interactive reverse shell Sudo
xargs	Shell File read SUID Sudo
xxd	File write File read SUID Sudo
yum	Sudo
zip	Shell Sudo Limited SUID
zsh	Shell SUID Sudo
zypper	Shell Sudo
No binary matches...

GTFOBins Star

GTFOBins
Star