Comment by stackghost
3 hours ago
If memory serves, I got creds for a machine where the git user was able to run `git diff` with setuid, so you could abuse the pager to escape into an elevated shell.
3 hours ago
If memory serves, I got creds for a machine where the git user was able to run `git diff` with setuid, so you could abuse the pager to escape into an elevated shell.
No comments yet
Contribute on Hacker News ↗