killchain-compendium/Exploits/Linux/Bash.md

Bash Exploit Possibilities

Eval

Test

Test includes -eq. It can be used to execute code which is evaluated before the comparison. Vidarholen show examples on how to do it. An example is the following

num=a[$(date >&2)]+42

date get executed and the test [[ $num -eq 42 ]] gets evaluated to true