POC详情: caa7b132fbd24d6fd244f9d18d3d825635b9d773

来源
https://github.com/Rajneeshkarya/CVE-2025-32463
关联漏洞
标题: Sudo 安全漏洞 (CVE-2025-32463)
描述:Sudo是一款使用于类Unix系统的,允许用户通过安全的方式使用特殊的权限执行命令的程序。 Sudo 1.9.17p1之前版本存在安全漏洞,该漏洞源于使用用户控制目录中的/etc/nsswitch.conf可能导致获取root访问权限。
描述
This is the exploit for the CVE-2025-32463
介绍
# CVE-2025-32463 Exploit

This is the exploit for the CVE-2025-32463
- Thanks to [Rich Mirch](https://www.stratascale.com/team/rich-mirch) ([@0xm1rch](https://x.com/0xm1rch) on X) @ [Stratascale](https://www.stratascale.com/) for reporting this amazing vulnerability.
- Original Post: [Vulnerability Advisory: Sudo chroot Elevation of Privilege](https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot)
- NVD: [CVE-2025-32463](https://nvd.nist.gov/vuln/detail/CVE-2025-32463) (CVSS 9.3)

---

## Affected Versions

> Vulnerable builds of **sudo 1.9.14** up to **1.9.17** (all p‑revisions) on most Linux distributions are affected.

Security Pages
- [Ubuntu](https://ubuntu.com/security/CVE-2025-32463) (CVSS 9.3)
- [Redhat](https://access.redhat.com/security/cve/cve-2025-32463) (CVSS 7.8)
- [SUSE](https://www.suse.com/security/cve/CVE-2025-32463.html) (CVSS 7.8)
- [Debian](https://security-tracker.debian.org/tracker/CVE-2025-32463)

---

## Quick vulnerability check
```bash
# Vulnerable sudo will give you this
kairaj5456 ~ $ sudo -R fake_root fake_root
sudo: fake_root: No such file or directory

# Patched sudo will give you this
kairaj5456 ~ $ sudo -R fake_root fake_root
[sudo] password for kairaj5456:
sudo: you are not permitted to use the -R option with fake_root
```

---

## Testing the exploit

```bash
$ git clone https://github.com/Rajneeshkarya/CVE-2025-32463.git

$ cd CVE-2025-32463

$ chmod +x exploit.sh

$ ./exploit.sh

[+] Launching exploit via sudo...

# id
uid=0(root) gid=0(root) groups=0(root),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),100(users),101(netdev),117(bluetooth),121(wireshark),129(scanner),136(kaboxer),1000(kairaj5456)
```
---

## For Understanding the Vulnerability

Check out the orginal blog posted by Rich Mirch - [click here](https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot)
文件快照

 [4.0K]  /data/pocs/caa7b132fbd24d6fd244f9d18d3d825635b9d773
├── [ 864]  exploit.sh
└── [1.9K]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。