--- # this is the rendering order of functions execute-interactive: label: Interactive execute description: | It executes interactive commands that may be used to break out from restricted shells. execute-non-interactive: label: Non-interactive execute description: | It executes non-interactive commands that may be used to break out from restricted shells. reverse-shell-interactive: label: Interactive reverse shell description: | It can send back a reverse shell to a listening attacker to open a remote network access. reverse-shell-non-interactive: label: Non-interactive reverse shell description: | It can send back a non-interactive reverse shell to a listening attacker to open a remote network access. bind-shell-interactive: label: Interactive bind shell description: | It can bind a shell to a local port to allow remote network access. bind-shell-non-interactive: label: Non-interactive bind shell description: | It can bind a non-interactive shell to a local port to allow remote network access. upload: label: Upload description: | It can exfiltrate files on the network. download: label: Download description: | It can download remote files. file-write: label: File write description: | It writes data to files, it may be used to do privileged writes or write files outside a restricted file system. file-read: label: File read description: | It reads data from files, it may be used to do privileged reads or disclose files outside a restricted file system. load-library: label: Library load description: | It loads shared libraries that may be used to run code in the binary execution context. suid-enabled: label: SUID description: | It runs with the SUID bit set and may be exploited to access the file system, escalate or maintain access with elevated privileges working as a SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on systems like Debian that allow the default `sh` shell to run with SUID privileges. sudo-enabled: label: Sudo description: | It runs in privileged context and may be used to access the file system, escalate or maintain access with elevated privileges if enabled on `sudo`. capabilities-enabled: label: Capabilities description: | It can manipulate its process UID and in Linux systems it can be set with the `CAP_SETUID` capability to make it work as a backdoor to maintain elevated privileges. This also works if the binary is invoked by another binary with the capability set. suid-limited: label: Limited SUID description: | It runs with the SUID bit set and may be exploited to access the file system, escalate or maintain access with elevated privileges working as a SUID backdoor. If it is used to run commands it only works on systems like Debian that allow the default `sh` shell to run with SUID privileges.