Add argument injections and library load for fakeroot

SonarSource / argument-injection-vectors

A curated list of argument injection vectors

GNU General Public License v3.0

37 stars 3 forks source link

Open cosad3s opened 9 months ago

cosad3s commented 9 months ago

This package is present in lot of environments.

Examples for argument injection: fakeroot -f "touch /tmp/pwnd" or fakeroot -s "id" (the env variable FAKEROOTKEY will hold the result of id)
Example for library load: fakeroot -l /tmp/revshell.so

(Other fakeroot forks / variations are probably subjects to these injections.)

thomas-chauchefoin-sonarsource commented 9 months ago

Thank you! I'll keep it open for now, and merge it once I find a CVE or a write-up of an argument injection on fakeroot.