某些极端场景下(比如CTF),或者绕过应用白名单限制,使用AWK来下载远程文件:
可利用的有:
/inet4/tcp/0/google.com/80
/inet/tcp/0/google.com/80
/inet/tcp/0/172.217.10.142/80
/inet/tcp/0/2899905166/80
/inet/tcp/000/62707171716065616666/80/0080
/i156e164/164cp/0000/62707171716065616666/00080
demo:
awk 'BEGIN {
RS = ORS = "rn"
HTTPCon = "/inet4/tcp/0/google.com/80"
print "HEAD / HTTP/1.1rnConnection: closern"|& HTTPCon
while ((HTTPCon |& getline) > 0)
print $0
close(HTTPCon)
}' 2>/dev/null
awk 'BEGIN {
RS = ORS = "rn"
HTTPCon = "/inet/tcp/0/2899905166/80"
print "HEAD / HTTP/1.1rnConnection: closern"|& HTTPCon
while ((HTTPCon |& getline) > 0)
print $0
close(HTTPCon)
}' 2>/dev/null
本文始发于微信公众号(T00ls):【奇技淫巧】利用AWK实现远程文件下载
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论