POC详情: 32b75fdaa5654dcbda84ad1b804fc605af5f93a0

来源
关联漏洞
标题: below 安全漏洞 (CVE-2025-27591)
描述:below是Meta Incubator开源的一个现代 Linux 系统的资源监视器。 below v0.9.0之前版本存在安全漏洞,该漏洞源于创建了全局可写目录,可能导致通过符号链接攻击提升到root权限。
描述
a C exploit for CVE-2025-27591, which allow an attacker to escalate privilege to root.
介绍
# CVE-2025-27591 

## description
Basically `below` tool allow for universal modification on its log file which lead to privilege escalation as root.


## details.
The log file created by `below` is world-writable, allowing any user to modify or replace it. 
An attacker can exploit this by creating a symbolic link from the log file to /etc/passwd.

If the attacker can trigger an error in `below` that logs arbitrary input, and crafts that input in 
the format of a valid /etc/passwd entry, they can inject a new root user into the system.

In order for the exploit to work the attacker should be able to execute the `below` command as it should be run
as `root` then the user must have `sudo` permission or a way to run it.

## Compiling. 
```bash
git clone https://github.com/Cythonic1/CVE-2025-27591
cd CVE-2025-27591
gcc -static -W -Wall main.c ./libcrypt.a -o exploit
```

## usage
```bash
./exploit <username> <password>
```

文件快照

[4.0K] /data/pocs/32b75fdaa5654dcbda84ad1b804fc605af5f93a0 ├── [913K] libcrypt.a ├── [1.0K] LICENCE ├── [2.6K] main.c └── [ 934] README.md 0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。