> If the binary is allowed to run as superuser by sudo, it does not drop the elevated privileges and may be used to access the file system, escalate or maintain privileged access.
LFILE=file_to_write
echo DATA | sudo tee -a "$LFILE"
Yes... this is how it works?
What does the author expect? Sudo executing programs with root privileges resulting in not using them or what?
I'm certain the author has bogus expectations here.
> It is important to note that this is not a list of exploits, and the programs listed here are not vulnerable per se, rather, GTFOBins is a compendium about how to live off the land when you only have certain binaries available.
You can directly map most of the tags into a libc function call combination, like the "Command" tag is just programs that run user input into a system() call. Even for programs where this is their primary function. It has nothing to do with "bypassing".
The author is making a security theater out of nothing for posing.
The point is to get to this functionality from a limited set of shell commands, not to get to this functionality from an arbitrary executable.
> The author is making a security theater out of nothing for posing.
Again, the author is not making accusations of security flaws. I don't know how they could have described it better, but the author was going for something very narrow and specific.