关联漏洞
标题:
below 安全漏洞
(CVE-2025-27591)
描述:below是Meta Incubator开源的一个现代 Linux 系统的资源监视器。 below v0.9.0之前版本存在安全漏洞,该漏洞源于创建了全局可写目录,可能导致通过符号链接攻击提升到root权限。
描述
a C exploit for CVE-2025-27591, which allow an attacker to escalate privilege to root.
介绍
# CVE-2025-27591
## description
Basically `below` tool allow for universal modification on its log file which lead to privilege escalation as root.
## details.
The log file created by `below` is world-writable, allowing any user to modify or replace it.
An attacker can exploit this by creating a symbolic link from the log file to /etc/passwd.
If the attacker can trigger an error in `below` that logs arbitrary input, and crafts that input in
the format of a valid /etc/passwd entry, they can inject a new root user into the system.
In order for the exploit to work the attacker should be able to execute the `below` command as it should be run
as `root` then the user must have `sudo` permission or a way to run it.
## Compiling.
```bash
git clone https://github.com/Cythonic1/CVE-2025-27591
cd CVE-2025-27591
gcc -static -W -Wall main.c ./libcrypt.a -o exploit
```
## usage
```bash
./exploit <username> <password>
```
文件快照
[4.0K] /data/pocs/32b75fdaa5654dcbda84ad1b804fc605af5f93a0
├── [913K] libcrypt.a
├── [1.0K] LICENCE
├── [2.6K] main.c
└── [ 934] README.md
0 directories, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。