Comment by stackghost
2 hours ago
If memory serves, I got creds for a machine where the git user was able to run `git diff` with setuid, so you could abuse the pager to escape into an elevated shell.
2 hours ago
If memory serves, I got creds for a machine where the git user was able to run `git diff` with setuid, so you could abuse the pager to escape into an elevated shell.
No comments yet
Contribute on Hacker News ↗