CVE-2025-32463 PoC — Sudo 安全漏洞

Source

Associated Vulnerability

Description

- Vulnerable: sudo 1.9.14, 1.9.15, 1.9.16, 1.9.17 - Patched in: sudo 1.9.17p1 and later - Legacy versions older than 1.9.14 are not affected, as they don't support the --chroot option.

Readme

# CVE-2025-32463
- Vulnerable: sudo 1.9.14, 1.9.15, 1.9.16, 1.9.17 - Patched in: sudo 1.9.17p1 and later - Legacy versions older than 1.9.14 are not affected, as they don't support the --chroot option.
```bash
# get_root.sh and get_root.py do the same thing.
git clone https://github.com/shazed-x/CVE-2025-32463
cd CVE-2025-32463
./get_root.sh
```
No gcc is required on the target machine. The PoC works by checking the current
architecture (e.g., x86_64, aarch64), then executing the corresponding dynamically
pre-compiled payload. If that fails, it defaults to the static one.

If the exploit fails on your machine, you can still compile it using:
```bash
./mkall-dynamic.sh

# then run
./get_root.sh

File Snapshot

 [4.0K]  /data/pocs/76fd2b7b7a2b90e324d793761b2d2ff2a0f098e0
├── [4.0K]  archs-dynamic
│   ├── [ 91K]  king.aarch64.b64
│   ├── [ 89K]  king.armv7l.b64
│   ├── [ 19K]  king.i386.b64
│   ├── [ 10K]  king.riscv64.b64
│   └── [ 20K]  king.x86_64.b64
├── [4.0K]  archs-static
│   ├── [ 28K]  king.aarch64.b64
│   ├── [ 26K]  king.armv7l.b64
│   ├── [ 29K]  king.i386.b64
│   ├── [9.5K]  king.riscv64.b64
│   └── [ 31K]  king.x86_64.b64
├── [2.4K]  get_root.py
├── [1.7K]  get_root.sh
├── [1.0K]  LICENSE
├── [ 989]  mkall-dynamic.sh
└── [ 703]  README.md

3 directories, 15 files

Remarks