daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

lint -fix

patch-1
pussycat0x 2024-01-22 19:39:39 +05:30
parent ff914cd68c
commit b62697a608
70 changed files with 5 additions and 150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
code/privilege-escalation/linux/binary/privesc-aa-exec.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
aa-exec whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc.yaml → code/privilege-escalation/linux/binary/privesc-ash.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
ash -c 'whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-awk.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
awk 'BEGIN {system("whoami")}'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-bash.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
bash -c 'whoami'
#SUDO
- engine:
- sh
- bash

4
code/privilege-escalation/linux/binary/privesc-cdist.yaml
View File

@ -5,7 +5,7 @@ info:
author: daffainfo
severity: high
description: |
cdist is a free software configuration management tool for Unix-like systems. It manages nodes over SSH using the Bourne Shell, and does not require any additional software to be installed on target nodes.
cdist is a free software configuration management tool for Unix-like systems. It manages nodes over SSH using the Bourne Shell, and does not require any additional software to be installed on target nodes.
reference:
- https://gtfobins.github.io/gtfobins/cdist/
metadata:
@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
cdist shell -s whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-choom.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
choom -n 0 whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-cpulimit.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
cpulimit -l 100 -f whoami
#SUDO
- engine:
- sh
- bash

4
code/privilege-escalation/linux/binary/privesc-csh.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: |
csh stands for C Shell, which is a Unix shell with C-like syntax. It is a command-line interpreter that provides a command-line interface for Unix-like operating systems. It has features similar to other Unix shells such as bash and sh, but with a different syntax and set of features.
reference:
reference:
- https://gtfobins.github.io/gtfobins/csh/
metadata:
verified: true
@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
csh -c 'whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-csvtool.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
csvtool call 'whoami;false' /etc/passwd
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-dash.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
dash -c 'whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-dc.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
dc -e '!whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-distcc.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
distcc whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-elvish.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
elvish -c 'whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-enscript.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
enscript /dev/null -qo /dev/null -I 'whoami >&2'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-env.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
expect -c 'spawn whoami;interact'
#SUDO
- engine:
- sh
- bash

4
code/privilege-escalation/linux/binary/privesc-expect.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: |
expect is a Unix scripting and testing utility that automates interactive applications such as telnet, ftp, passwd, fsck, rlogin, tip, and more. It uses scripts to control interactive applications, making it useful for automating tasks that involve user input.
reference:
reference:
- https://gtfobins.github.io/gtfobins/expect/
metadata:
verified: true
@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
expect -c 'spawn whoami;interact'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-find.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
find . -exec whoami \; -quit
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-fish.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
fish -c 'whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-flock.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
flock -u / whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-gawk.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
gawk 'BEGIN {system("whoami")}'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-grc.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
grc --pty whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-ionice.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
ionice whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-julia.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
julia -e 'run(`whoami`)'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-lftp.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
lftp -c '!whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-ltrace.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
ltrace -b -L whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-lua.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
lua -e 'os.execute("whoami")'
#SUDO
- engine:
- sh
- bash

4
code/privilege-escalation/linux/binary/privesc-mawk.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: |
mawk is an efficient and fast implementation of the AWK programming language. It is designed to be smaller and faster than the original AWK implementation, making it suitable for large data processing tasks. mawk is commonly used for text processing and pattern scanning in shell scripts and command-line environments.
reference:
reference:
- https://gtfobins.github.io/gtfobins/mawk/
metadata:
verified: true
@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
mawk 'BEGIN {system("whoami")}'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-multitime.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
multitime whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-mysql.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
mysql -e '\! whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-nawk.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
nawk 'BEGIN {system("whoami")}'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-nice.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
nice whoami
#SUDO
- engine:
- sh
- bash

3
code/privilege-escalation/linux/binary/privesc-node.yaml
View File

@ -20,21 +20,18 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
node -e 'require("child_process").spawn("whoami", {stdio: [0, 1, 2]})'
#SUDO
- engine:
- sh
- bash
source: |
sudo node -e 'require("child_process").spawn("whoami", {stdio: [0, 1, 2]})'
#Capabilities
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-nsenter.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
nsenter whoami
#SUDO
- engine:
- sh
- bash

3
code/privilege-escalation/linux/binary/privesc-perl.yaml
View File

@ -20,21 +20,18 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
perl -e 'exec "whoami";'
#SUDO
- engine:
- sh
- bash
source: |
sudo perl -e 'exec "whoami";'
#Capabilities
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-pexec.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
pexec whoami
#SUDO
- engine:
- sh
- bash

3
code/privilege-escalation/linux/binary/privesc-php.yaml
View File

@ -20,21 +20,18 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
php -r 'system("whoami");'
#SUDO
- engine:
- sh
- bash
source: |
sudo php -r 'system("whoami");'
#Capabilities
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-posh.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
posh -c 'whoami'
#SUDO
- engine:
- sh
- bash

3
code/privilege-escalation/linux/binary/privesc-python.yaml
View File

@ -20,21 +20,18 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
python -c 'import os; os.system("whoami")'
#SUDO
- engine:
- sh
- bash
source: |
sudo python -c 'import os; os.system("whoami")'
#Capabilities
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-rake.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
rake -p '`whoami 1>&0`'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-rc.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
rc -c 'whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-rlwrap.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
rlwrap whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-rpm.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
rpm --pipe 'whoami 0<&1'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-rpmdb.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
rpmdb --eval '%(whoami 1>&2)'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-rpmverify.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
rpmverify --eval '%(whoami 1>&2)'
#SUDO
- engine:
- sh
- bash

3
code/privilege-escalation/linux/binary/privesc-ruby.yaml
View File

@ -20,21 +20,18 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
ruby -e 'exec "whoami"'
#SUDO
- engine:
- sh
- bash
source: |
sudo ruby -e 'exec "whoami"'
#Capabilities
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-run-parts.yaml
View File

@ -19,14 +19,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
run-parts --new-session --regex 'whoami' /bin
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-sash.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
sash -c 'whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-slsh.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
slsh -e 'system("whoami")'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-socat.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
socat stdin exec:whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-softlimit.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
softlimit whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-sqlite3.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
sqlite3 /dev/null '.shell whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-ssh-agent.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
ssh-agent whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-sshpass.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
sshpass whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-stdbuf.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
stdbuf -i0 whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-strace.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
strace -o /dev/null whoami
#SUDO
- engine:
- sh
- bash

4
code/privilege-escalation/linux/binary/privesc-tar.yaml
View File

@ -5,7 +5,7 @@ info:
author: daffainfo
severity: high
description: |
tar is a command-line utility used to create and manipulate archive files. It is commonly used for bundling multiple files and directories into a single archive, often used in conjunction with compression tools like gzip or bzip2.
tar is a command-line utility used to create and manipulate archive files. It is commonly used for bundling multiple files and directories into a single archive, often used in conjunction with compression tools like gzip or bzip2.
reference:
- https://gtfobins.github.io/gtfobins/tar/
metadata:
@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
tar -cf /dev/null /dev/null --checkpoint=1 --checkpoint-action=exec=whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-tcsh.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
tcsh -c 'whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-time.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
time whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-timeout.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
timeout 7d whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-tmate.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
tmate -c whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-torify.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
torify whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-torsocks.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
torsocks whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-unshare.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
unshare whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-vi.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
vi -c '!whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-view.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
view -c ':!whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-vim.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
vim -c '!whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-xargs.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
xargs -a /dev/null whoami
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-xdg-user-dir.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
xdg-user-dir '}; whoami #'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-yash.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
yash -c 'whoami'
#SUDO
- engine:
- sh
- bash

2
code/privilege-escalation/linux/binary/privesc-zsh.yaml
View File

@ -20,14 +20,12 @@ code:
source: |
whoami
#SUID
- engine:
- sh
- bash
source: |
zsh -c 'whoami'
#SUDO
- engine:
- sh
- bash