漏洞描述
xargs is a command in Unix and Unix-like operating systems used to build and execute command lines from standard input.
id: privesc-xargs
info:
name: Xargs - Privilege Escalation
author: daffainfo
severity: high
description: |
xargs is a command in Unix and Unix-like operating systems used to build and execute command lines from standard input.
reference:
- https://gtfobins.github.io/gtfobins/xargs/
metadata:
verified: true
max-request: 3
tags: code,linux,xargs,privesc,local
self-contained: true
code:
- engine:
- sh
- bash
source: |
whoami
- engine:
- sh
- bash
source: |
xargs -a /dev/null whoami
- engine:
- sh
- bash
source: |
sudo xargs -a /dev/null whoami
matchers-condition: and
matchers:
- type: word
part: code_1_response
words:
- "root"
negative: true
- type: dsl
dsl:
- 'contains(code_2_response, "root")'
- 'contains(code_3_response, "root")'
condition: or
# digest: 4a0a00473045022100c686fd9a60e663198f4932f6e1fefce20cd8ded887c8950e6d6a9d14f793af700220430c5ee15fb84c8ff50eac9f301942fbea0c85def62bb6762fda01bc5999da0a:922c64590222798bb761d5b6d8e72950