
Add rvim shell trick (restricted environment breakout)

Open LucasVanHaaren opened this issue 1 year ago • 2 comments

Hello,

I added to the rvim page a trick to get a shell through the poisoning of the ~/.vimrc file. It only works on older versions of rvim.

Let me know if anything is wrong.

Here is the link to the vuln discovery thread: https://huntr.dev/bounties/d60e9e45-be06-40cb-99ad-d94ecdfb0fa4/

Thank you :heart:

LucasVanHaaren avatar Sep 25 '23 14:09 LucasVanHaaren

Hi. Could you specify up to which version this works? 🌵

locaIhost avatar Sep 25 '23 18:09 locaIhost

Hi, sure!

According to the huntr.dev thread this trick works up to vim version 9.0.1440. I had mentioned it on the page but not in this ticket :smile:

LucasVanHaaren avatar Sep 26 '23 09:09 LucasVanHaaren