Skip to content

CyberCommands/exploit-sudoedit

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 

Repository files navigation

PoC Eploit Sudo 1.9.5p1 (CVE-2021-3156) Heap-Based Buffer Overflow Privilege Escalation.

Python3.x PEP8

CVE-2021-3156 is a new severe vulnerability was found in Unix and Linux operating systems that allow an unprivileged user to exploit this vulnerability using Sudo, causing a heap overflow to elevate privileges to root without authentication, or even get listed in the sudoers file.

Credit to: Advisory by Baron Samedit of Qualys

How to check if you are affected.

The sudo project released a command that allows you to test whether your version of sudo is vulnerable:

sudoedit -s '\' `perl -e 'print "A" x 65536'`

If you receive a usage or error message, sudo is not vulnerable. If the result is a Segmentation fault, sudo is vulnerable.

Download the exploit code.

git clone https://github.com/CyberCommands/exploit-sudoedit.git sudoedit/
cd sudoedit/
sudo python3 exploit.py --help

Important Note for Exploit.

  • The modified time of /etc/passwd needs to be newer than the system boot time, if it isn't you can use chsh to update it. Unfortunately this means you will have to know the password for the account you are running as. Remember that chsh doesn't accept empty passwords by default so if it is empty you may have to set one with passwd.

About

No description or website provided.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages