nuclei-templates/code/privilege-escalation/linux/sudo-nopasswd.yaml

27 lines
804 B
YAML

id: sudo-nopasswd
info:
name: Sudo NOPASSWD - Privilege Escalation
author: daffainfo
severity: high
description: Sudo configuration might allow a user to execute some command with another user's privileges without knowing the password.
reference:
- https://book.hacktricks.xyz/linux-hardening/privilege-escalation#nopasswd
metadata:
verified: true
tags: code,linux,sudo,privesc,local
self-contained: true
code:
- engine:
- sh
- bash
source: |
sudo -l
matchers:
- type: word
part: code_1_response
words:
- "(root) NOPASSWD:"
# digest: 4a0a00473045022100de6ba465a1014a68bf361233db593957b6412aa0496a46cc569184eedd84611702203545ae3f61902e6068aff724e05ec287f68ad332ccf73aa02ec78d1800429f24:922c64590222798bb761d5b6d8e72950