nuclei-templates/code/privilege-escalation/linux/binary/privesc-pexec.yaml

49 lines
1.1 KiB
YAML
Raw Normal View History

2024-01-22 13:29:57 +00:00
id: privesc-pexec
2023-12-13 15:07:24 +00:00
info:
name: pexec - Privilege Escalation
author: daffainfo
severity: high
2024-01-22 13:29:57 +00:00
description: |
The term "pexec" typically refers to the "privileged execution" of a command or program.
reference: |
https://gtfobins.github.io/gtfobins/pexec/
2023-12-13 15:07:24 +00:00
metadata:
verified: true
max-request: 3
tags: code,linux,pexec,privesc,local
2023-12-13 15:07:24 +00:00
self-contained: true
code:
- engine:
- sh
- bash
source: |
2024-01-22 13:29:57 +00:00
whoami
2023-12-13 15:07:24 +00:00
- engine:
- sh
- bash
source: |
2024-01-22 13:29:57 +00:00
pexec whoami
2023-12-13 15:07:24 +00:00
- engine:
- sh
- bash
source: |
2024-01-22 13:29:57 +00:00
sudo pexec whoami
2023-12-13 15:07:24 +00:00
matchers-condition: and
matchers:
2024-01-22 13:29:57 +00:00
- type: word
part: code_1_response
words:
- "root"
negative: true
2023-12-13 15:07:24 +00:00
- type: dsl
dsl:
- 'contains(code_2_response, "root")'
- 'contains(code_3_response, "root")'
condition: or
# digest: 4a0a00473045022100ffd73bbffb6b8f255e4ff49596ec507fa0fad10e1860aebf788009fa3ec362700220789321e46690714047244d7c81ba5e4114f3bc1e6a2e6c8c9ac45182b5feeede:922c64590222798bb761d5b6d8e72950