Published Mon, 3rd Oct ’16
This is a super quick post on a simple method to exfiltrate data from systems running BusyBox, a shell commonly used on embedded devices. Such systems often lack common tools, presenting a challenge when you need to move data about. When I first looked into this topic I found solutions which were too specific or complex, so I hope this post is useful.
The BusyBox man page lists commonly available commands, which currently include *deep breath*:
Spot anything interesting? The commands ftpget and ftpput should stand out, and they do exactly what you’d expect. Note that there may not be a symlink to the commands on a given system even if they’re compiled into BusyBox – if running ftpput returns “not found” try busybox ftpput to access the command (the applet in BusyBox parlance).
All you need now is a listening FTP server. Any will do, but I found
Original URL: http://feedproxy.google.com/~r/feedsapi/BwPx/~3/U9IIRB-t_Rg/exfiltrating_files_with_busybox