ly4k / Certipy

Tool for Active Directory Certificate Services enumeration and abuse
MIT License
2.34k stars 318 forks

ESC 4 - Separate the -save-old functionality with the write vulnerable properties functionality. #181

Open NocteDefensor opened 10 months ago

NocteDefensor commented 10 months ago

Currently, when exploiting ESC 4, this tool will attempt to save the original template as a JSON file and then rewrite the template to make it vulnerable to various ESC techniques. It may be possible that the original template is either corrupted during the save process or not saved, i.e. running this tool from within a directory the user does not have write access to. In this situation, the original template may be changed to a vulnerable state without a valid JSON file to revert from. The tool user does not have the ability to inspect the JSON file to determine validity prior to making changes to the original template. It would be nice to separate the functionality required to save the old template from the functionality to write the vulnerable properties to the original template. Perhaps something like "-save-old" to save the template and "-write-template" to write any changes to the template, such as reverting to the -configuration file or writing ESC1 vulnerabilities, etc.
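The fail-closed ordering the issue asks for (write the backup, verify it parses and matches the original, and only then allow any change to the template) as an added example. This is not Certipy's code; the template dictionary, its attribute names and the file paths are constructed placeholders, and the backup is written atomically so a permission error or crash never leaves a half-written JSON file behind.

```python
"""Added example (not Certipy's own code): back up a template to JSON and
verify the backup round-trips before any modification is permitted."""
import json
import os
import tempfile
from typing import Callable, Dict

# Constructed sample template; attribute names are placeholders, not real
# AD CS schema attributes.
SAMPLE_TEMPLATE: Dict = {
    "name": "ExampleTemplate",
    "enrollee_supplies_subject": False,
    "require_manager_approval": True,
    "extended_key_usage": ["Client Authentication"],
}


class BackupError(Exception):
    """Raised when the backup could not be written or fails verification."""


def save_template(template: Dict, path: str) -> str:
    """Write `template` to `path` as JSON, atomically.

    The data goes to a temporary file in the target directory, is flushed to
    disk, and is then renamed over `path`.  If the directory is not writable
    the temporary file cannot be created and a BackupError is raised before
    anything else happens.
    """
    directory = os.path.dirname(os.path.abspath(path))
    tmp = None
    try:
        fd, tmp = tempfile.mkstemp(dir=directory, prefix=".backup-", suffix=".json")
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(template, fh, indent=2, sort_keys=True)
            fh.flush()
            os.fsync(fh.fileno())
        os.replace(tmp, path)
    except OSError as exc:
        if tmp is not None and os.path.exists(tmp):
            os.unlink(tmp)
        raise BackupError(f"could not write backup to {path}: {exc}") from exc
    return path


def verify_backup(template: Dict, path: str) -> bool:
    """Return True only if `path` parses as JSON and equals `template`."""
    try:
        with open(path, encoding="utf-8") as fh:
            return json.load(fh) == template
    except (OSError, ValueError):
        return False


def backup_then_modify(template: Dict, path: str,
                       modify: Callable[[Dict], Dict]) -> Dict:
    """Apply `modify` to a copy of `template` only after a verified backup
    exists at `path`; otherwise raise and leave the original untouched."""
    save_template(template, path)
    if not verify_backup(template, path):
        raise BackupError(f"backup at {path} does not match the original template")
    return modify(dict(template))


def run_demo() -> Dict:
    """Exercise the workflow in a scratch directory and report the outcomes."""
    workdir = tempfile.mkdtemp()
    good = os.path.join(workdir, "template.json")
    # Constructed unwritable location: a directory that does not exist.
    bad = os.path.join(workdir, "no-such-dir", "template.json")

    changed = backup_then_modify(
        SAMPLE_TEMPLATE, good, lambda t: {**t, "description": "changed"})
    try:
        backup_then_modify(SAMPLE_TEMPLATE, bad, lambda t: t)
        blocked = False
    except BackupError:
        blocked = True

    return {
        "backup_verified": verify_backup(SAMPLE_TEMPLATE, good),
        "mismatch_detected": not verify_backup({"name": "other"}, good),
        "change_applied": changed.get("description") == "changed",
        "original_untouched": "description" not in SAMPLE_TEMPLATE,
        "unwritable_dir_blocked": blocked,
    }


if __name__ == "__main__":
    print(run_demo())
```

Verification compares the parsed file with the in-memory object rather than trusting that `json.dump` succeeded, which is the check the issue says the user currently cannot perform before the template is changed.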