Open Zeeshan12340 opened 9 months ago
+The C_GetFunctionList() function contains the code you want to execute when the library is loaded. In this case, it executes /bin/sh with root privileges. We're using the setuid(0) function to set the effective UID to root before executing the command. This is done to ensure the command executes with root privileges. +The attribute((constructor)) directive is used to define a constructor function that will be executed when the library is loaded. In this case, it's used to call C_GetFunctionList() when the library is loaded.
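Review bot: the sentence about setuid(0) overstates what the call does. setuid(0) only succeeds when the process loading the library already has an effective UID of 0 (or the equivalent capability), so it cannot "ensure the command executes with root privileges"; reword it to say the call carries existing root privileges over to the real UID before the shell starts, and that nothing is gained when the caller is unprivileged. The two added paragraphs also disagree on the trigger: the first says C_GetFunctionList() itself runs when the library is loaded, the second says a constructor calls it on load, so state once which mechanism is relied on. Finally, the directive is spelled `__attribute__((constructor))` in C; the rendered "attribute((constructor))" has most likely lost its underscores to markdown and should be wrapped in code formatting.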
Added exploit code to ssh-keygen in the description section. Built the project with the addition locally and this is how it looks: