#!/usr/bin/env python3
import os
import json
import yaml
# Directory that main() lists for per-binary ".md" files. The path is
# relative, so it is resolved against the current working directory.
GTFOBINS_PATH = "GTFOBins.github.io/_gtfobins/"
# File whose marker-delimited sections main() rewrites with the collected
# data. Also relative to the current working directory.
GTFO_NOW_PATH = "gtfonow/gtfonow.py"
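def replace_content(file_path, new_content, start_marker, end_marker):
    """Replace the lines between two marker lines of a file, in place.

    The first line containing ``start_marker`` and the first line after it
    containing ``end_marker`` are both kept; everything between them is
    replaced by ``new_content`` followed by a newline. The file is rewritten
    only when both markers are found in that order.

    Args:
        file_path: Path of the file to edit.
        new_content: Text inserted between the two marker lines.
        start_marker: Substring identifying the opening marker line.
        end_marker: Substring identifying the closing marker line.

    Returns:
        None. Missing markers and I/O errors are reported on stdout instead
        of being raised.
    """
    try:
        with open(file_path, 'r') as file:
            content = file.readlines()

        start_index = next(
            (i for i, line in enumerate(content) if start_marker in line),
            None)

        end_index = None
        if start_index is not None:
            # Look for the end marker only below the start marker. Matching
            # an end marker that sits above (or on) the start line would
            # splice content[end_index:] after the start line and duplicate
            # part of the file instead of replacing a section.
            end_index = next(
                (i for i in range(start_index + 1, len(content))
                 if end_marker in content[i]),
                None)

        if start_index is None or end_index is None:
            print("Markers not found in file")
            return

        # Keep both marker lines; swap out only what lies between them.
        content[start_index + 1:end_index] = [new_content + '\n']

        with open(file_path, 'w') as file:
            file.writelines(content)
    except IOError as e:
        print(f"Error opening file: {e}")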
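def process_yaml(filename, key):
    """Return the binary name and the data stored under one function key.

    The file is read as text, every ``---`` is stripped, and the remainder is
    parsed as a single YAML document. The binary name is the file's base name
    without ``.md``.

    Args:
        filename: Path to a ``.md`` file holding YAML.
        key: Name looked up in the document's ``functions`` mapping.

    Returns:
        ``(binary, data)`` when ``key`` is present in ``functions``;
        ``(None, None)`` when the key is absent or the document has no
        ``functions`` mapping.
    """
    with open(filename, 'r', encoding='utf-8') as f:
        # NOTE(review): this strips every "---" in the file, not only the
        # document delimiters, so a value containing "---" is altered too.
        content = f.read().replace("---", "")

    # SECURITY: the original parsed with yaml.Loader, which can construct
    # arbitrary Python objects from tags in the document. These files are
    # presumably a checkout of another repository (see GTFOBINS_PATH), so
    # they are parsed with the safe loader, which accepts only plain
    # scalars, lists and mappings.
    doc = yaml.load(content, Loader=yaml.SafeLoader)

    # An empty file parses to None, and a document may lack "functions";
    # treat both as "key not present" rather than raising.
    functions = doc.get("functions") if isinstance(doc, dict) else None
    if isinstance(functions, dict) and key in functions:
        binary = os.path.basename(filename).replace(".md", "")
        return binary, functions[key]
    return None, None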
def main():
    """Collect per-binary data from GTFOBINS_PATH and splice it into GTFO_NOW_PATH.

    Each ``.md`` file in GTFOBINS_PATH is passed to process_yaml once per
    function key ("sudo", "suid", "capabilities"). The results are grouped by
    key, serialised with json.dumps and written between the matching marker
    comments of GTFO_NOW_PATH by replace_content.
    """
    # One mapping of binary name -> data per function key, in lookup order.
    collected = {"sudo": {}, "suid": {}, "capabilities": {}}

    for entry in os.listdir(GTFOBINS_PATH):
        if entry.endswith(".md"):
            md_path = os.path.join(GTFOBINS_PATH, entry)
            for function_key, bucket in collected.items():
                binary, payloads = process_yaml(md_path, function_key)
                if binary and payloads:
                    bucket[binary] = payloads

    # NOTE(review): the JSON text is written as the right-hand side of an
    # assignment in a .py file. JSON true/false/null are not Python literals,
    # so this presumably relies on the data holding only strings, lists and
    # mappings - confirm. The data originates outside this repository, so
    # review the checkout under GTFOBINS_PATH (ideally pinned to a known
    # commit) before regenerating.
    sections = (
        ("sudo_bins = ", "sudo", "# SUDO_BINS_START", "# SUDO_BINS_END"),
        ("suid_bins = ", "suid", "# SUID_BINS_START", "# SUID_BINS_END"),
        ("capabilities = ", "capabilities",
         "# CAPABILITIES_START", "# CAPABILITIES_END"),
    )
    for prefix, function_key, start_marker, end_marker in sections:
        serialised = json.dumps(
            collected[function_key], indent=4, sort_keys=True)
        replace_content(
            GTFO_NOW_PATH, prefix + serialised, start_marker, end_marker)
# Run the update only when executed as a script, not when imported.
if __name__ == "__main__":
    main()