{"id":431,"date":"2023-04-10T13:07:20","date_gmt":"2023-04-10T11:07:20","guid":{"rendered":"https:\/\/koban3.me\/?p=431"},"modified":"2023-04-10T13:18:17","modified_gmt":"2023-04-10T11:18:17","slug":"esfiltrazione-via-shell","status":"publish","type":"post","link":"https:\/\/koban3.me\/index.php\/2023\/04\/10\/esfiltrazione-via-shell\/","title":{"rendered":"Exfiltration via shell"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"431\" class=\"elementor elementor-431\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-0e4d309 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"0e4d309\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3f8ccb5\" data-id=\"3f8ccb5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a7ab9c elementor-widget elementor-widget-heading\" data-id=\"5a7ab9c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Scenario<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-62289f3 elementor-widget elementor-widget-text-editor\" data-id=\"62289f3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>You are on a PC where the firewall blocks outbound file transfers via SCP\/SFTP, but a remote shell is allowed (e.g. SSH). 
How do you get a file out of the internal network?<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ad6409b elementor-widget elementor-widget-heading\" data-id=\"ad6409b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Solution<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-64c917a elementor-widget elementor-widget-text-editor\" data-id=\"64c917a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Encode the file to exfiltrate in base64 and write it directly to the remote filesystem through a shell!<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e134f53 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e134f53\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1a8b713\" data-id=\"1a8b713\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-dd7657c elementor-widget elementor-widget-heading\" data-id=\"dd7657c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title 
elementor-size-large\">Procedure<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-64dcbee elementor-widget elementor-widget-text-editor\" data-id=\"64dcbee\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><b>Encoding [Windows]:<\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1e97ab6 elementor-widget elementor-widget-text-editor\" data-id=\"1e97ab6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>certutil -encode data.txt tmp.b64 &amp;&amp; findstr \/v \/c:- tmp.b64 &gt; data.b64<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2796460 elementor-widget elementor-widget-text-editor\" data-id=\"2796460\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><b>Encoding [Linux]:<\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2fba03b elementor-widget elementor-widget-text-editor\" data-id=\"2fba03b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>base64 data.txt &gt; data.b64<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-84ea452 elementor-widget elementor-widget-text-editor\" data-id=\"84ea452\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Opening a remote 
shell&#8230;<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d13f01d elementor-widget elementor-widget-text-editor\" data-id=\"d13f01d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><b>Writing to the remote filesystem [Linux]:<\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9845cc8 elementor-widget elementor-widget-text-editor\" data-id=\"9845cc8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>echo &quot;&lt;base64 data&gt;&quot; &gt; data.b64<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bcac8f3 elementor-widget elementor-widget-text-editor\" data-id=\"bcac8f3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><b>Decoding:<\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-32eecf7 elementor-widget elementor-widget-text-editor\" data-id=\"32eecf7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>base64 -d data.b64 &gt; data.txt<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-eef0626 elementor-widget elementor-widget-spacer\" data-id=\"eef0626\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div 
class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5047db1 elementor-widget elementor-widget-image\" data-id=\"5047db1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"300\" height=\"300\" src=\"https:\/\/koban3.me\/wp-content\/uploads\/2023\/04\/dicaprio_meme_django-300x300.jpeg\" class=\"attachment-medium size-medium wp-image-436\" alt=\"\" srcset=\"https:\/\/koban3.me\/wp-content\/uploads\/2023\/04\/dicaprio_meme_django-300x300.jpeg 300w, https:\/\/koban3.me\/wp-content\/uploads\/2023\/04\/dicaprio_meme_django-150x150.jpeg 150w, https:\/\/koban3.me\/wp-content\/uploads\/2023\/04\/dicaprio_meme_django.jpeg 500w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Scenario You are on a PC where the firewall blocks outbound file transfers via SCP\/SFTP, but a remote shell is allowed (e.g. SSH). How do you get a file out of the internal network? 
Solution Encode the file to exfiltrate in base64 and write it directly to the remote filesystem through [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14],"tags":[17,15,16,5,7],"class_list":["post-431","post","type-post","status-publish","format-standard","hentry","category-tricks","tag-base64","tag-exfiltration","tag-ssh","tag-cybersecurity","tag-hacking"],"_links":{"self":[{"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/posts\/431","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/comments?post=431"}],"version-history":[{"count":3,"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/posts\/431\/revisions"}],"predecessor-version":[{"id":439,"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/posts\/431\/revisions\/439"}],"wp:attachment":[{"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/media?parent=431"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/categories?post=431"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/koban3.me\/index.php\/wp-json\/wp\/v2\/tags?post=431"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}