duplicate delete

patch-1
Ritik Chaddha 2024-01-26 13:56:22 +05:30
parent f9322db69d
commit 910f35ce72
4 changed files with 0 additions and 147 deletions

View File

@ -1,44 +0,0 @@
id: rw-shadow
info:
name: /etc/shadow writable or readabel - Privilege Escalation
author: daffainfo
severity: high
reference:
- https://book.hacktricks.xyz/linux-hardening/privilege-escalation#writable-etc-shadow
metadata:
verified: true
tags: code,linux,privesc
self-contained: true
code:
- engine:
- sh
- bash
source: |
whoami
- engine:
- sh
- bash
source: |
[ -r "/etc/shadow" ] || [ -w "/etc/shadow" ] && echo "Either readable or writable" || echo "Not readable and not writable"
matchers:
- type: word
part: code_1_response
words:
- "root"
negative: true
- type: word
part: code_2_response
words:
- "Either readable or writable"
- type: word
part: code_2_response
words:
- "Not readable and not writable"
negative: true
# digest: 4b0a00483046022100c78963808dac941393a893b98ff00ee7009bd9228193e55ecbb9640e944f7789022100fca86fbd6ee146369c1bdfe59c87b532d1117bca280dba5ef319e71f0102fde1:922c64590222798bb761d5b6d8e72950

View File

@ -1,44 +0,0 @@
id: rw-sudoers
info:
name: /etc/sudoers writable or readable - Privilege Escalation
author: daffainfo
severity: high
reference:
- https://book.hacktricks.xyz/linux-hardening/privilege-escalation#etc-sudoers-etc-sudoers.d
metadata:
verified: true
tags: code,linux,privesc
self-contained: true
code:
- engine:
- sh
- bash
source: |
whoami
- engine:
- sh
- bash
source: |
[ -r "/etc/sudoers" ] || [ -w "/etc/sudoers" ] && echo "Either readable or writable" || echo "Not readable and not writable"
matchers:
- type: word
part: code_1_response
words:
- "root"
negative: true
- type: word
part: code_2_response
words:
- "Either readable or writable"
- type: word
part: code_2_response
words:
- "Not readable and not writable"
negative: true
# digest: 4a0a00473045022100d543bff4619a3dee763c3cf291100761f724c8b2481d689fd4d9115992bd90470220558daf66ad9cbfb3c1e70caf73285980c389bd4d87aa9a5fda473b303d099847:922c64590222798bb761d5b6d8e72950

View File

@ -1,27 +0,0 @@
id: sudo-nopasswd
info:
name: Sudo NOPASSWD - Privilege Escalation
author: daffainfo
severity: high
description: Sudo configuration might allow a user to execute some command with another user's privileges without knowing the password.
reference:
- https://book.hacktricks.xyz/linux-hardening/privilege-escalation#nopasswd
metadata:
verified: true
tags: code,linux,sudo,privesc
self-contained: true
code:
- engine:
- sh
- bash
source: |
sudo -l
matchers:
- type: word
part: code_1_response
words:
- "(root) NOPASSWD:"
# digest: 4a0a00473045022100e62bc1a0b1a457ab643a4ee150cfc38becf287d629ee5200603723849691bc2602204b8aea2931fe9c3486dd06edf9325e8d2b406be20cc5fbcef197ff152119ddef:922c64590222798bb761d5b6d8e72950

View File

@ -1,32 +0,0 @@
id: writable-etc-passwd
info:
name: /etc/passwd writable - Privilege Escalation
author: daffainfo
severity: high
reference:
- https://book.hacktricks.xyz/linux-hardening/privilege-escalation#writable-etc-passwd
metadata:
verified: true
tags: code,linux,privesc
self-contained: true
code:
- engine:
- sh
- bash
source: |
[ -w "/etc/passwd" ] && echo "Writable" || echo "Not writable"
matchers:
- type: word
part: code_1_response
words:
- "Writable"
- type: word
part: code_1_response
words:
- "Not writable"
negative: true
# digest: 4a0a004730450220688d5a0b52ecf69ea46224b683a6ee0c757513641d59b72abb034cc31af73f11022100987335f5bd847f8c382c487b8af7a71c9b156c1e578436f6b0e01f791f229130:922c64590222798bb761d5b6d8e72950