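Associated vulnerability
Title:
Sudo security vulnerability
(CVE-2023-22809)
Description: Sudo is a program for Unix-like systems that allows users to run commands with special privileges in a secure manner. Sudo before 1.9.12p2 has a security vulnerability: the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation.
Description
Automatically exploit the sudoedit vulnerability for CVE-2023-22809
Introduction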
# CVE-2023-22809-automated-python-exploits
Automatically exploit the sudoedit vulnerability for CVE-2023-22809
For a guide, see the following link:
https://medium.com/@spydomain1/cve-2023-22809-f36a2b3804b3
# CVE-2023-22809 Automated Exploit - Python Script
## 📌 Description
This Python script automates the exploitation of **CVE-2023-22809**, a vulnerability affecting certain versions of `sudo` when used with `sudoedit`. If the user is allowed to run `sudoedit` or `sudo -e` on arbitrary files **as root**, privilege escalation is possible. This script checks for the vulnerable version, verifies `sudoedit` privileges, and then helps escalate to root by modifying `/etc/sudoers`.
> ⚠️ **DISCLAIMER:** This tool is for educational and authorized penetration testing purposes only. Do not use it on systems you do not own or have permission to test.
---
## 🧠 Vulnerability Overview
- **CVE ID:** CVE-2023-22809
- **Vulnerable sudo versions:**
  - 1.8
  - 1.9.0 to 1.9.3
  - 1.9.12p1
- **Affected feature:** `sudoedit` (`sudo -e`)
- **Impact:** Local Privilege Escalation (LPE) to root
---
## ⚙️ How It Works
1. **Version Check:** Confirms the installed `sudo` version is within the vulnerable range.
2. **Sudo Privilege Check:** Verifies if the current user has access to `sudoedit` or `sudo -e` as root or with `(ALL)` privileges.
3. **Exploitation Steps:**
   - Displays the line to add into the `/etc/sudoers` file.
   - Opens `/etc/sudoers` with `sudoedit`.
   - Grants root shell using `sudo su root`.
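
A defender-side audit of the two preconditions listed above, as an added example that is not part of the original README or its script: it compares `sudo -V` output against the fixed release 1.9.12p2 named in the advisory text and lists sudoers rules that grant `sudoedit`. The function names and both sample inputs are constructed for illustration.

```python
import re

# First fixed release, per the advisory text quoted on this page.
FIXED = (1, 9, 12, 2)
VERSION_RE = re.compile(r"Sudo version (\d+)\.(\d+)\.(\d+)(?:p(\d+))?")
# In sudoers the command is written as the bare word "sudoedit", never a path.
SUDOEDIT_RE = re.compile(r"(?:^|[,:\s])sudoedit(?:[\s,]|$)")

# Constructed sample inputs (not taken from any real host).
SAMPLE_VERSION = "Sudo version 1.9.12p1\nSudoers policy plugin version 1.9.12p1\n"
SAMPLE_SUDOERS = """\
# constructed sample sudoers
root    ALL=(ALL:ALL) ALL
alice   ALL=(root) sudoedit /etc/motd
bob     ALL=(root) /usr/bin/systemctl restart nginx
%ops    ALL=(ALL) NOPASSWD: sudoedit /etc/custom/service.conf
"""

def parse_version(sudo_v_output):
    """Return (major, minor, patch, plevel) from `sudo -V` output, or None."""
    m = VERSION_RE.search(sudo_v_output)
    if m is None:
        return None
    return tuple(int(g or 0) for g in m.groups())

def is_pre_fix(version):
    """True when the upstream version string predates the fixed release."""
    return version is not None and version < FIXED

def sudoedit_rules(sudoers_text):
    """Return (line_no, rule) for rules that name sudoedit explicitly.
    Simplified: skips comments and Defaults, ignores aliases and continuations."""
    hits = []
    for no, line in enumerate(sudoers_text.splitlines(), 1):
        rule = line.strip()
        if not rule or rule.startswith(("#", "Defaults")):
            continue
        if SUDOEDIT_RE.search(rule):
            hits.append((no, rule))
    return hits

def assess(sudo_v_output, sudoers_text):
    """Combine both preconditions into one finding for triage."""
    version = parse_version(sudo_v_output)
    rules = sudoedit_rules(sudoers_text)
    pre_fix = is_pre_fix(version)
    return {"version": version, "pre_fix": pre_fix,
            "sudoedit_rules": rules, "exposed": pre_fix and bool(rules)}

if __name__ == "__main__":
    print(assess(SAMPLE_VERSION, SAMPLE_SUDOERS))
```

Distribution packages often backport the fix without changing the upstream version string, so treat `pre_fix` as a prompt to check the vendor advisory rather than a verdict.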
---
## 🧪 Requirements
- Python 3.x
- Sudo installed on the target machine
- Vulnerable `sudo` version installed
- Target user has `sudoedit` access with `(root)` or `(ALL)` privileges
---
## 🚀 Usage
```bash
python3 cve-2023-22809.py
```
File snapshot
[4.0K] /data/pocs/c7d3c9dd07f7a40e41868d374b734bb54301c054
├── [1.7K] README.md
└── [ 797] script.py
0 directories, 2 files