Advanced Command Obfuscation

Find the output of the following command using one of the techniques you learned in this section: find /usr/share/ | grep root | grep mysql | tail -n 1.

For this question I have encoded this command with base64 and included the decoding line within my payload but it just wont work, I do not get an invalid input but the output is just the result of the ping.

image

Any idea why my output is not showing? I have tried using $@ to seperate bash and base64 but I believe I do not need to as I am not getting an ‘invalid input’ shown.

1 Like

I just found the answer, I was going wrong with what the question was asking. I did not understand that when it says “find /usr/share/ | grep root | grep mysql | tail -n 1” it meant that find was also within this set of commands and not just meaning find.

Remember to include find when encoding this otherwise you will end up like me looking stupid here haha, I hope this helps anyone in the future who has the same problem I have had.

2 Likes

thanks so much!!!

Hi there, just tried a few ways… once with reverse commands but without succeed now encoeded as per your post (with find) but without succeed:

ip=127.0.0.1%0abash<<<${base64%09-d<<<ZmluZCAvdXNyL3NoYXJlIHwgZ3JlcCByb290IHwgZ3JlcCBteXNxbCB8IHRhaWwgLW4gMQ==}

Decoded: find /usr/share | grep root | grep mysql | tail -n 1

What am I doing wrong? do you have a hint for me?

Tente simplifiicar/reduzir o input. Fiz isso e consegui. Acho que o comando completo esta gerando algum erro.

Anyone having problems with the next section Evasion Tools? When I install bashfuscator and supply command it does not work?