Gtfo – Search For Unix Binaries That Can Be Exploited To Bypass System Security Restrictions

January 15, 2020
gtfo 3

This is a standalone script written in Python 3 for GTFOBins. You can search for Unix binaries that can be exploited to bypass system security restrictions. These binaries can be abused to

get the f**k

break out of restricted shells, escalate privileges, transfer files, spawn bind and reverse shells, etc…
The functions are from https://github.com/GTFOBins/GTFOBins.github.io and all credit goes to its respective contributors. They are simplified (no need for environmental variables) and syntax highlighted.

Download

git clone https://github.com/t0thkr1s/gtfo

Install
The script has 2 dependencies:

  • colorama
  • pygments

You can install these by typing:

python3 setup.py install

Run

python3 gtfo.py [binary]

Screenshots

gtfo 3

gtfo 4

Disclaimer

This tool is only for testing and academic purposes and can only be used where strict consent has been given. Do not use it for illegal purposes! It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this tool and software.

Download Gtfo
Original Source
Tags: , , , ,

You may have missed

CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

April 20, 2024
CISA Logo

CISA: Joint Guidance on Deploying AI Systems Securely

April 20, 2024
CISA Logo

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

April 20, 2024
CISA Logo

CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

April 20, 2024
CISA Logo

CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

April 20, 2024