GTFOBins.github.io issues

Create easyrsa.md

abuses Easyrsa vars file (https://github.com/OpenVPN/easy-rsa/blob/master/doc/EasyRSA-Advanced.md)

jmrcsnchz

qpdf file-read

Adds an entry for qpdf, which can be used to read local files with sudo.

tehryanx

Update make.md

Output a file contents to stdout with make.

hamzawinix

Added qpdf arbitrary file read

Added techqniue allows using `qpdf` to read any arbitrary file. If `qpdf` can run as elevated user, this can be used to read sensitive files.

captain-woof

Update aws.md

Add local file-read capabilite on aws binarie

pedrojosenavasperez

![image](https://github.com/GTFOBins/GTFOBins.github.io/assets/68353531/6bc69786-1e9e-43c2-89e4-b243eb1ceaa8) In test case, the user with sudo rights to dnsmasq was able to execute the bash script using the intended --conf-script flag. Contents of test.sh ``` cp /root/flag.txt /tmp/flag.txt...

frostb1ten

Added apport-cli

I added `apport-cli`, which can be used to create a bug report, then view the report in a text editor, which may allow shell escapes and/or privileged file read/writes (Depending...

captain-woof

Add another file read to genisoimage

https://gtfobins.github.io/gtfobins/genisoimage/ ``` genisoimage -sort /flag ```

EsamLasheen

Added doas

Nosferatuvjr

Create setcap.md

Adding setcap suid and sudo exploits

SofiaEngvall

GTFOBins.github.io
GTFOBins.github.io copied to clipboard

Metadata

Create easyrsa.md

qpdf file-read

Update make.md

Added qpdf arbitrary file read

Update aws.md

Create dnsmasq.md

Added apport-cli

Add another file read to genisoimage

Added doas

Create setcap.md

← Metadata

Owner

Metadata

GTFOBins.github.io GTFOBins.github.io copied to clipboard

Metadata

← Metadata

Owner

Metadata

GTFOBins.github.io
GTFOBins.github.io copied to clipboard