Create sg.md

Adding the "sg" binary which allows command execution under a "different" group ID. However, it can be used to break out of restricted environments by using a user's own group ID.
This commit is contained in:
SleestakOverflow 2021-02-15 21:49:13 -06:00 committed by GitHub
parent aa018b04c4
commit 99a572b7d9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

19
_gtfobins/sg.md Normal file
View File

@ -0,0 +1,19 @@
---
functions:
shell:
- description: Commands can be run if the current user's group is specified, therefore no additional permissions are needed.
code: |
GROUPNAME=users
sg $GROUPNAME -c "/bin/sh"
command:
- description: Commands can be run if the current user's group is specified, therefore no additional permissions are needed.
code: |
COMMAND=whoami
GROUPNAME=users
sg $GROUPNAME -c $COMMAND
sudo:
- description: Any group can be specified as the user will have root permissions.
code: |
GROUPNAME=users
sudo sg $GROUPNAME -c "/bin/sh"
---