Syntax cleanup, removed some non-working SUID entries

2025-11-04 02:38:43 +01:00 · 2020-11-13 11:56:48 +01:00
parent bd1e3ce65d
commit 764b2685bc
16 changed files with 65 additions and 105 deletions
--- a/_gtfobins/check_by_ssh.md
+++ b/_gtfobins/check_by_ssh.md
@@ -4,26 +4,18 @@ description: |
 functions:
  command:
    - code: |
-        COMMAND='/usr/bin/id'
-        OUTPUT="output_file"
+        COMMAND=id
+        OUTPUT=output_file
        TF=$(mktemp)
-        echo "ProxyCommand \"$COMMAND\" | tee \"$OUTPUT\"" > $TF
-        check_by_ssh -F "$TF" -H localhost -C something
-        cat $OUTPUT
-  suid:
-    - code: |
-        COMMAND='/usr/bin/id'
-        OUTPUT="output_file"
-        TF=$(mktemp)
-        echo "ProxyCommand \"$COMMAND\" | tee \"$OUTPUT\"" > $TF
-        check_by_ssh -F "$TF" -H localhost -C something
+        echo "ProxyCommand $COMMAND | tee $OUTPUT" > $TF
+        check_by_ssh -F $TF -H localhost -C something
        cat $OUTPUT
  sudo:
    - code: |
-        COMMAND='/usr/bin/id'
-        OUTPUT="output_file"
+        COMMAND=id
+        OUTPUT=output_file
        TF=$(mktemp)
-        echo "ProxyCommand \"$COMMAND\" | tee \"$OUTPUT\"" > $TF
-        check_by_ssh -F "$TF" -H localhost -C something
+        echo "ProxyCommand $COMMAND | tee $OUTPUT" > $TF
+        sudo check_by_ssh -F $TF -H localhost -C something
        cat $OUTPUT
 ---
--- a/_gtfobins/check_cups.md
+++ b/_gtfobins/check_cups.md
@@ -5,13 +5,9 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        check_cups --extra-opts=@"$LFILE"
-  suid:
-    - code: |
-        LFILE=file_to_read
-        ./check_cups --extra-opts=@"$LFILE"
+        check_cups --extra-opts=@$LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo check_cups --extra-opts=@"$LFILE"
+        sudo check_cups --extra-opts=@$LFILE
 ---
--- a/_gtfobins/check_log.md
+++ b/_gtfobins/check_log.md
@@ -6,25 +6,17 @@ functions:
    - code: |
        LFILE=file_to_read
        OUTPUT=output_file
-        umask 022
-        check_log -F "$LFILE" -O "$OUTPUT"
-        cat "$OUTPUT"
+        check_log -F $LFILE -O $OUTPUT
+        cat $OUTPUT
  file-write:
    - code: |
        LFILE=file_to_write
        INPUT=output_file
-        umask 022
-        check_log -F "$INPUT" -O "$LFILE"
-  suid:
-    - code: |
-        LFILE=file_to_write
-        INPUT=output_file
-        umask 022
-        ./check_log -F "$INPUT" -O "$LFILE"
+        check_log -F $INPUT -O $LFILE
  sudo:
    - code: |
        LFILE=file_to_write
        INPUT=output_file
        umask 022
-        sudo check_log -F "$INPUT" -O "$LFILE"
+        sudo check_log -F $INPUT -O $LFILE
 ---
--- a/_gtfobins/check_memory.md
+++ b/_gtfobins/check_memory.md
@@ -5,13 +5,9 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        check_memory --extra-opts=@"$LFILE"
-  suid:
-    - code: |
-        LFILE=file_to_read
-        ./check_memory --extra-opts=@"$LFILE"
+        check_memory --extra-opts=@$LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo check_memory --extra-opts=@"$LFILE"
+        sudo check_memory --extra-opts=@$LFILE
 ---
--- a/_gtfobins/check_raid.md
+++ b/_gtfobins/check_raid.md
@@ -5,13 +5,9 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        check_raid --extra-opts=@"$LFILE"
-  suid:
-    - code: |
-        LFILE=file_to_read
-        ./check_raid --extra-opts=@"$LFILE"
+        check_raid --extra-opts=@$LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo check_raid --extra-opts=@"$LFILE"
+        sudo check_raid --extra-opts=@$LFILE
 ---
--- a/_gtfobins/check_ssl_cert.md
+++ b/_gtfobins/check_ssl_cert.md
@@ -3,32 +3,24 @@ description: |
  This is the `check_by_ssh` Nagios plugin, available e.g. in `/usr/lib/nagios/plugins/`.
 functions:
  command:
-    - code: |
-        COMMAND='/usr/bin/id'
-        OUTPUT="output_file"
+    - description: The host example.net must return a certificate via TLS
+      code: |
+        COMMAND=id
+        OUTPUT=output_file
        TF=$(mktemp)
-        echo "$COMMAND | tee \"$OUTPUT\"" > $TF
+        echo "$COMMAND | tee $OUTPUT" > $TF
        chmod +x $TF
-        check_ssl_cert --curl-bin "$TF" -H example.com # example.com must provide TLS
-        cat $OUTPUT
-  suid:
-    - code: |
-        COMMAND='/usr/bin/id'
-        OUTPUT="output_file"
-        umask 022
-        TF=$(mktemp)
-        echo "$COMMAND | tee \"$OUTPUT\"" > $TF
-        chmod +x $TF
-        ./check_ssl_cert --curl-bin "$TF" -H example.com # example.com must provide TLS
+        check_ssl_cert --curl-bin $TF -H example.net
        cat $OUTPUT
  sudo:
-    - code: |
-        COMMAND='/usr/bin/id'
-        OUTPUT="output_file"
-        umask 022
+    - description: The host example.net must return a certificate via TLS
+      code: |
+        COMMAND=id
+        OUTPUT=output_file
        TF=$(mktemp)
-        echo "$COMMAND | tee \"$OUTPUT\"" > $TF
+        echo "$COMMAND | tee $OUTPUT" > $TF
        chmod +x $TF
-        sudo check_ssl_cert --curl-bin "$TF" -H example.com # example.com must provide TLS
+        umask 022
+        check_ssl_cert --curl-bin $TF -H example.net
        cat $OUTPUT
 ---
--- a/_gtfobins/check_statusfile.md
+++ b/_gtfobins/check_statusfile.md
@@ -5,13 +5,9 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        check_statusfile "$LFILE"
-  suid:
-    - code: |
-        LFILE=file_to_read
-        ./check_statusfile "$LFILE"
+        check_statusfile $LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo check_statusfile "$LFILE"
+        sudo check_statusfile $LFILE
 ---
--- a/_gtfobins/column.md
+++ b/_gtfobins/column.md
@@ -3,13 +3,13 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        column "$LFILE"
+        column $LFILE
  suid:
    - code: |
        LFILE=file_to_read
-        ./column "$LFILE"
+        ./column $LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo column "$LFILE"
+        sudo column $LFILE
 ---
--- a/_gtfobins/ex.md
+++ b/_gtfobins/ex.md
@@ -3,7 +3,7 @@ functions:
  shell:
    - code: |
        ex
-        !/bin/sh
+        !sh
  file-write:
    - code: |
        ex file_to_write
@@ -20,9 +20,9 @@ functions:
  sudo:
    - code: |
        sudo ex
-        !/bin/sh
-  limited-suid:
+        !sh
+  suid:
    - code: |
        ./ex
-        !/bin/sh
+        !sh -p
 ---
--- a/_gtfobins/psql.md
+++ b/_gtfobins/psql.md
@@ -4,15 +4,15 @@ functions:
    - code: |
        psql
        \?
-        !/bin/sh
-  sudo:
-    - code: |
-        psql
-        \?
-        !/bin/sh
+        !sh
  suid:
    - code: |
        psql
        \?
-        !/bin/sh
+        !sh -p
+  sudo:
+    - code: |
+        psql
+        \?
+        !sh
 ---
--- a/_gtfobins/rev.md
+++ b/_gtfobins/rev.md
@@ -3,13 +3,13 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        rev "$LFILE" | rev
+        rev $LFILE | rev
  suid:
    - code: |
        LFILE=file_to_read
-        ./rev "$LFILE" | rev
+        ./rev $LFILE | rev
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo rev "$LFILE" | rev
+        sudo rev $LFILE | rev
 ---
--- a/_gtfobins/ss.md
+++ b/_gtfobins/ss.md
@@ -5,13 +5,13 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        ss -a -F "$LFILE"
+        ss -a -F $LFILE
  suid:
    - code: |
        LFILE=file_to_read
-        ./ss -a -F "$LFILE"
+        ./ss -a -F $LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo ss -a -F "$LFILE"
+        sudo ss -a -F $LFILE
 ---
--- a/_gtfobins/ssh-keyscan.md
+++ b/_gtfobins/ssh-keyscan.md
@@ -5,13 +5,13 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        ssh-keyscan -f "$LFILE"
+        ssh-keyscan -f $LFILE
  suid:
    - code: |
        LFILE=file_to_read
-        ./ssh-keyscan -f "$LFILE"
+        ./ssh-keyscan -f $LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo ssh-keyscan -f "$LFILE"
+        sudo ssh-keyscan -f $LFILE
 ---
--- a/_gtfobins/tbl.md
+++ b/_gtfobins/tbl.md
@@ -5,13 +5,13 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        tbl "$LFILE"
+        tbl $LFILE
  suid:
    - code: |
        LFILE=file_to_read
-        ./tbl "$LFILE"
+        ./tbl $LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo tbl "$LFILE"
+        sudo tbl $LFILE
 ---
--- a/_gtfobins/troff.md
+++ b/_gtfobins/troff.md
@@ -5,13 +5,13 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        troff "$LFILE"
+        troff $LFILE
  suid:
    - code: |
        LFILE=file_to_read
-        ./troff "$LFILE"
+        ./troff $LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo troff "$LFILE"
+        sudo troff $LFILE
 ---
--- a/_gtfobins/xmodmap.md
+++ b/_gtfobins/xmodmap.md
@@ -5,13 +5,13 @@ functions:
  file-read:
    - code: |
        LFILE=file_to_read
-        xmodmap -v "$LFILE"
+        xmodmap -v $LFILE
  suid:
    - code: |
        LFILE=file_to_read
-        ./xmodmap -v "$LFILE"
+        ./xmodmap -v $LFILE
  sudo:
    - code: |
        LFILE=file_to_read
-        sudo xmodmap -v "$LFILE"
+        sudo xmodmap -v $LFILE
 ---