.. / strace

Fork Star

• Shell
• File write

Shell

This executable can spawn an interactive system shell.

• Unprivileged

  This function can be performed by any unprivileged user.

  strace -o /dev/null /bin/sh

  Sudo

  This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

  Remarks

  If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

  strace -o /dev/null /bin/sh

  SUID

  This function is performed by the privileged user if the executable has the SUID bit set and the right ownership because the effective privileges are not dropped.

  Remarks

  This executable runs commands directly, e.g., via functions like exec, remember to omit the -p argument of every /bin/sh invocation for distributions where the default shell does not drop SUID privileges.

  strace -o /dev/null /bin/sh -p

File write

This executable can write data to local files.

• Comment

  The data to be written appears amid the syscall log, quoted and with special characters escaped in octal notation. The string representation will be truncated, pick a value big enough instead of 999. More generally, any binary that executes whatever syscall passing arbitrary data can be used in place of strace - DATA.

  Unprivileged

  This function can be performed by any unprivileged user.

  strace -s 999 -o /path/to/output-file strace - DATA

  Sudo

  This function is performed by the privileged user if executed via sudo because the acquired privileges are not dropped.

  Remarks

  If there are environment variables involved, they must be passed via sudo VAR=value ... or exported then sudo -E ....

  strace -s 999 -o /path/to/output-file strace - DATA

Source | History