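Related vulnerability
Title:
Sudo buffer error vulnerability
(CVE-2021-3156)
Description: Sudo is a program for Unix-like systems that lets users run commands with special privileges in a controlled way. Versions of Sudo before 1.9.5p2 contain a buffer error vulnerability: an attacker can escalate to root using sudoedit -s and a command-line argument that ends with a single backslash character.
Introduction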
<h1 style="font-size:10vw" align="left">CVE-2021-3156 - Heap-Based Buffer Overflow in Sudo</h1>
<img src="https://img.shields.io/badge/CVSS:3.1%20Score%20-7.8 HIGH-red"> <img src="https://img.shields.io/badge/Vulnerability%20Types%20-Privilege%20Escalation-blue"> <img src="https://img.shields.io/badge/Tested%20On%3F-Ubuntu%2020.04.1-blued">
******
⚠️ *For educational and authorized security research purposes only*
## Original Exploit Authors
Very grateful to the original PoC author [Qualys Research Team](https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit)
## Description
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
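For triage, the version boundary above can be checked mechanically. The following is an added example, not part of the original README or of the credited projects: a POSIX shell comparison of a sudo version string against 1.9.5p2. The function names and sample version strings are constructed for illustration; distribution packages can carry a backported fix under an older upstream version number, so a `before-fix` result still has to be checked against the vendor advisory.

```bash
# Added example: is a given sudo version older than 1.9.5p2?
# Function names are hypothetical; sample versions below are constructed.

FIXED_VERSION="1.9.5p2"   # first fixed release named in the description

# Print "MAJOR MINOR PATCH PLEVEL" for a version such as 1.8.31p2.
# Runs in a subshell so the IFS change stays local; exits 1 if unparsable.
sudo_version_fields() (
    v=${1%%[!0-9.p]*}             # cut packaging suffixes like "-1distro1"
    case $v in
        *p*) pl=${v##*p}; v=${v%%p*} ;;
        *)   pl=0 ;;
    esac
    IFS=.
    set -- $v
    for f in "${1:-x}" "${2:-x}" "${3:-0}" "${pl:-x}"; do
        case $f in *[!0-9]*) exit 1 ;; esac
    done
    echo "$1 $2 ${3:-0} $pl"
)

# Return 0 if $1 is older than FIXED_VERSION, 1 if not, 2 if unparsable.
# Fields are compared numerically, so 1.10.0 sorts after 1.9.5p2.
sudo_before_fix() {
    have=$(sudo_version_fields "$1") || return 2
    want=$(sudo_version_fields "$FIXED_VERSION") || return 2
    set -- $have $want            # $1..$4 = have, $5..$8 = want
    [ "$1" -ne "$5" ] && { [ "$1" -lt "$5" ]; return; }
    [ "$2" -ne "$6" ] && { [ "$2" -lt "$6" ]; return; }
    [ "$3" -ne "$7" ] && { [ "$3" -lt "$7" ]; return; }
    [ "$4" -lt "$8" ]
}

sudo_fix_status() {
    sudo_before_fix "$1" && rc=0 || rc=$?
    case $rc in
        0) echo "before-fix" ;;
        1) echo "fixed-or-later" ;;
        *) echo "unparsable" ;;
    esac
}

# Constructed sample inputs. For the local binary, pass in:
#   "$(sudo -V | sed -n '1s/^Sudo version //p')"
for v in 1.8.31 1.9.5p1 1.9.5p2 1.10.0 1.8.31-1distro1 not-a-version; do
    echo "$v: $(sudo_fix_status "$v")"
done
```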
******
## Step Guides
1. Install git, then clone the script from the GitHub repository:
```bash
sudo apt install git -y
git clone https://github.com/asepsaepdin/CVE-2021-3156.git
```
2. Compile the PoC using the command:
```bash
make
```
3. Run the PoC using the command:
```bash
./exploit
```
******
## Credits
- https://github.com/CptGibbon/CVE-2021-3156
- https://nvd.nist.gov/vuln/detail/CVE-2021-3156
- https://github.com/blasty/CVE-2021-3156
File snapshot
[4.0K] /data/pocs/8ef8df9ed6ebcbee600e46e2e99ac9087d9c50d4
├── [2.0K] exploit.c
├── [ 208] Makefile
├── [1.5K] README.md
└── [ 599] shellcode.c
0 directories, 4 files