It can be used to break out from restricted environments by spawning an interactive system shell.
The exec argument runs an arbitrary command and spawn a shell.
socat stdin exec:bashIt can be used to break out from the intended program by running non-interactive system commands.
The exec argument runs an arbitrary command.
socat stdin exec:whoamiIt reads data from files, it may be used to do privileged reads or disclose files outside a restricted file system.
The command leverages socats ability to relay data, reading arbitary file by opening it in read-only mode.
socat -u OPEN:/etc/passwd,rdonly STDOUT