关联漏洞
标题:
Sudo 安全漏洞
(CVE-2025-32463)
描述:Sudo是一款使用于类Unix系统的,允许用户通过安全的方式使用特殊的权限执行命令的程序。 Sudo 1.9.17p1之前版本存在安全漏洞,该漏洞源于使用用户控制目录中的/etc/nsswitch.conf可能导致获取root访问权限。
描述
This repository contains an exploit script for CVE-2025-32463, a local privilege escalation involving `chroot` behavior in affected `sudo` versions (1.9.14 through 1.9.17)
介绍
# CVE-2025-32463 — Sudo 1.9.14 → 1.9.17 Local Privilege Escalation via `chroot`
**Exploit script** demonstrating a local privilege escalation affecting certain Sudo 1.9.x releases (CVE-2025-32463).
- **Exploit reference:** https://www.exploit-db.com/exploits/52352
- **Tested on:** Ubuntu 24.04.2 LTS with `sudo` 1.9.16p2
---
## Summary
This repository contains an exploit script for CVE-2025-32463, a local privilege escalation involving `chroot` behavior in affected `sudo` versions (1.9.14 through 1.9.17). Use this repository only for defensive research, patch validation, or authorized penetration testing on systems you own or have explicit permission to test.
---
## IMPORTANT — Legal & Safety Notice
This code is potentially dangerous. Do not run it on systems for which you do not have explicit authorization. Misuse may be illegal and/or cause data loss. By using the contents of this repository you agree that you are responsible for any consequences. If you are testing, do so in an isolated lab or VM snapshot you can restore.
If you discover this vulnerability in a production environment, follow responsible disclosure best practices: contact the vendor or the maintainers and give them time to respond before public exploitation.
---
## Prerequisites
- A vulnerable `sudo` version (e.g., 1.9.14 → 1.9.17). Verify local `sudo` version before testing.
- A Linux system where you have a local account (the exploit is for local privilege escalation).
- Recommended: test inside a VM or container and have snapshots or backups.
---
## Quick Usage
```bash
# clone the repo
git clone https://github.com/r3dBust3r/CVE-2025-32463.git
cd CVE-2025-32463
# make the exploit script executable
chmod +x ./CVE-2025-32463
# run the exploit (only on authorized/test systems)
./CVE-2025-32463
文件快照
[4.0K] /data/pocs/072fc16c1943aa7522b1d997458fa95f6ede5d47
├── [1.3K] CVE-2025-32463
├── [1.0K] LICENSE
└── [1.8K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。