CptGibbon/CVE-2021-3156 CptGibbon/CVE-2021-3156

  • Stars
    star
    143
  • Rank 256,059 (Top 6 %)
  • Language
    C
  • Created over 3 years ago
  • Updated over 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
CptGibbon/CVE-2021-3156
github

CptGibbon

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Root shell PoC for CVE-2021-3156

CVE-2021-3156

Root shell PoC for CVE-2021-3156 (no bruteforce)

For educational purposes etc.

Tested on Ubuntu 20.04 against sudo 1.8.31

All research credit: Qualys Research Team Check out the details on their blog.

You can check your version of sudo is vulnerable with: $ sudoedit -s Y. If it asks for your password it's most likely vulnerable, if it prints usage information it isn't. You can downgrade to the vulnerable version on Ubuntu 20.04 for testing purposes with $ sudo apt install sudo=1.8.31-1ubuntu1

Usage

$ make

$ ./exploit

More Repositories

1

House-of-Corrosion

A description of the "House of Corrosion" GLIBC heap exploitation technique.
220
star
2

Windows-Process-Injection

Some simple process injection techniques targeting the Windows platform
C
30
star