Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-48990 PoC — needrestart 安全漏洞

Source
https://github.com/makuga01/CVE-2024-48990-PoC
Associated Vulnerability
Title:needrestart 安全漏洞 (CVE-2024-48990)
Description:needrestart是liske个人开发者的一款用于检查升级后需要重新启动哪些守护进程的工具。 needrestart 3.8之前版本存在安全漏洞,该漏洞源于允许本地攻击者通过诱骗needrestart使用攻击者控制的PYTHONPATH环境变量运行Python解释器,并以root身份执行任意代码。
Description
PoC for CVE-2024-48990
Readme
# PoC for CVE-2024-48990 in `needrestart`

educational purposes only

https://www.qualys.com/2024/11/19/needrestart/needrestart.txt


## How to run?

Running `./start.sh` will compile the fake importlib library and start a script that waits for `needrestart` to be executed by root. It will pop a shell afterwards.
File Snapshot

 [4.0K]  /data/pocs/738a89a9ea9991b01733d523a8b7c5132bc535db
├── [ 323]  e.py
├── [ 249]  lib.c
├── [ 315]  README.md
└── [ 256]  start.sh

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.