sudo-nopasswd: Sudo NOPASSWD - Privilege Escalation

日期: 2025-08-01 | 影响软件: Sudo | POC: 已公开

漏洞描述

Sudo configuration might allow a user to execute some command with another user's privileges without knowing the password.

PoC代码[已公开]

id: sudo-nopasswd

info:
  name: Sudo NOPASSWD - Privilege Escalation
  author: daffainfo
  severity: high
  description: Sudo configuration might allow a user to execute some command with another user's privileges without knowing the password.
  reference:
    - https://book.hacktricks.xyz/linux-hardening/privilege-escalation#nopasswd
  metadata:
    verified: true
  tags: code,linux,sudo,privesc,local

self-contained: true
code:
  - engine:
      - sh
      - bash
    source: |
        sudo -l

    matchers:
      - type: word
        part: code_1_response
        words:
          - "(root) NOPASSWD:"
# digest: 4a0a0047304502203fed09936acd0184f8239fbd5bfd5caea9650d83284dd7ad0e33f40af198b873022100b17205cf173f893e2d803afa4c1049bf300c329e2830b439cecbbb679cd11f07:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./code/privilege-escalation/linux/sudo-nopasswd.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐