关联漏洞
标题:
Sudo 安全漏洞
(CVE-2025-32463)
描述:Sudo是一款使用于类Unix系统的,允许用户通过安全的方式使用特殊的权限执行命令的程序。 Sudo 1.9.17p1之前版本存在安全漏洞,该漏洞源于使用用户控制目录中的/etc/nsswitch.conf可能导致获取root访问权限。
描述
🔍 Demonstrate the CVE-2025-32463 privilege-escalation flaw in sudo's chroot feature with this minimal, reproducible proof of concept environment.
介绍
# 🛠️ CVE-2025-32463_chwoot - Securely Handle Privileges in Linux
## 📋 Overview
CVE-2025-32463_chwoot helps you understand and deal with a specific security vulnerability related to privilege escalation in Linux systems. This tool allows users to explore and test the escalation of privilege to the root user through the sudo binary using the chroot option.
## 🚀 Getting Started
Before you start using the application, ensure your system meets the following requirements:
- **Operating System**: Linux (any distribution supporting Docker)
- **Docker**: Version 20.10 or higher
- **CPU**: 1 GHz or faster
- **RAM**: At least 512 MB
- **Disk Space**: 100 MB or more available
## 📥 Download the Application
You can easily download the latest version of CVE-2025-32463_chwoot by visiting the Releases page.
[](https://github.com/ashardev002/CVE-2025-32463_chwoot/releases)
## 📥 Download & Install
To download the application, follow these steps:
1. Click on the [Releases page link](https://github.com/ashardev002/CVE-2025-32463_chwoot/releases).
2. On the Releases page, you will find a list of available versions. Click on the latest version.
3. Download the provided Docker image suitable for your system.
4. Follow the installation instructions in the image’s release notes.
## 🚀 Running the Application
After downloading, follow these steps to run CVE-2025-32463_chwoot:
1. Open a terminal on your Linux system.
2. Load the Docker image using the command:
```
docker load < path/to/downloaded-image.tar
```
3. Run the Docker container using the command:
```
docker run -it --rm <image-name>
```
Replace `<image-name>` with the name of your Docker image.
## 🛠️ Features
CVE-2025-32463_chwoot offers various features designed to help users explore privilege escalation securely:
- **Test Scenarios**: Simulate different privilege escalation scenarios in a controlled environment.
- **User-Friendly Interface**: Easy navigation to help you explore various options.
- **Logs**: Comprehensive logs for diagnosing issues during testing.
## 📊 Topics Covered
This application focuses on the following topics:
- Docker and container management
- Privilege escalation techniques
- Understanding vulnerabilities related to sudo
- Practical applications of the proof of concept
## 🤝 Contributing
We welcome contributions from the community. If you have suggestions for improvements or new features, please feel free to submit a pull request. More detailed information on how to contribute can be found in the [CONTRIBUTING.md](https://github.com/ashardev002/CVE-2025-32463_chwoot/blob/main/CONTRIBUTING.md) file.
## 📜 License
This project is licensed under the MIT License. For details, see the [LICENSE.md](https://github.com/ashardev002/CVE-2025-32463_chwoot/blob/main/LICENSE.md) file.
## 🌐 Additional Resources
- [Docker Documentation](https://docs.docker.com/)
- [Understanding Privilege Escalation](https://www.example.com/privilege-escalation-guide)
Feel free to reach out to the community or open issues if you have questions or need assistance with the application.
文件快照
[4.0K] /data/pocs/6c47c714e89c1ddd593c42042d4532d8e2925893
├── [ 816] Dockerfile
├── [1.0K] LICENSE
├── [3.2K] README.md
├── [ 75] run.sh
└── [1.0K] sudo-chwoot.sh
0 directories, 5 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。