CVE-2023-22809 PoC — Sudo Security Vulnerability

Source
Associated Vulnerability
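Title: Sudo Security Vulnerability (CVE-2023-22809)
Description: Sudo is a program for Unix-like systems that allows users to execute commands with special privileges in a secure manner. Sudo before 1.9.12p2 contains a security vulnerability: the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation.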
Readme
# CVE-2023-22809 Exploit Script

## Disclaimer
This script is provided for educational purposes only. The author is not responsible for any misuse or unintended consequences resulting from its use. Always follow ethical guidelines and obtain proper authorization before testing any security tools or exploits.

## Description

This Python script is designed to exploit the CVE-2023-22809 vulnerability in `sudo` versions 1.8.0 through 1.9.12p1. The vulnerability allows a local attacker to escalate privileges because `sudoedit` (`sudo -e`) mishandles extra arguments passed in the user-provided environment variables `SUDO_EDITOR`, `VISUAL` and `EDITOR`.

## Requirements

- Python 3.x | Bash
- `sudo` version 1.8.0 through 1.9.12p1 installed on the target machine 
- Access to the `sudo` command with potential `sudoedit` or `sudo -e` capabilities

## Usage

### Basic Usage
The basic usage of this script:
- To execute the script and exploit the CVE:
```bash
python exploit.py
```
Or
```bash
bash exploit.sh
```

### Options
- To see information about the vulnerability:
```bash
python exploit.py -i
```
Or
```bash
bash exploit.sh -i
```
- To see the prerequisites for the vulnerability:
```bash
python exploit.py -r
```
Or
```bash
bash exploit.sh -r
```
- Help section:
```bash
python exploit.py -h
```
Or
```bash
bash exploit.sh -h
```

## Prerequisites
Before running the exploit, ensure the following:
- Sudo Version: The target system must be running a vulnerable version of `sudo`. The script checks for versions between 1.8.0 and 1.9.12p1.
- Sudo Privileges: The current user must have the ability to run `sudoedit` or `sudo -e` on files as root.
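
The same two prerequisites can be audited from the defender's side. The following is an added example, not code from this repository: it checks a `sudo -V` version line against the range stated above and lists `sudoedit` grants found in `sudo -l` output. The function names and the sample inputs are constructed for illustration.

```python
import re

# Affected range as stated in this README: 1.8.0 through 1.9.12p1.
FIRST_AFFECTED = (1, 8, 0, 0)
LAST_AFFECTED = (1, 9, 12, 1)

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")
# A sudoedit grant in `sudo -l` output, e.g. "(root) NOPASSWD: sudoedit /etc/motd"
SUDOEDIT_RE = re.compile(r"^\s*\(([^)]*)\)\s*(?:[A-Z_]+:\s*)*(sudoedit\s+\S.*)$")

# Constructed sample inputs (not captured from a real host).
SAMPLE_VERSION = "Sudo version 1.9.12p1"
SAMPLE_SUDO_L = """User alice may run the following commands on host1:
    (root) NOPASSWD: sudoedit /etc/motd
    (root) /usr/bin/systemctl restart nginx
"""


def parse_sudo_version(text):
    """Return (major, minor, patch, plevel), e.g. '1.9.12p1' -> (1, 9, 12, 1)."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no sudo version found in {text!r}")
    major, minor, patch, plevel = m.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))


def in_affected_range(version_text):
    """True if the upstream version string falls inside the stated range."""
    return FIRST_AFFECTED <= parse_sudo_version(version_text) <= LAST_AFFECTED


def sudoedit_grants(sudo_l_output):
    """List (runas, command) pairs for sudoedit rules in `sudo -l` output."""
    grants = []
    for line in sudo_l_output.splitlines():
        m = SUDOEDIT_RE.match(line)
        if m:
            grants.append((m.group(1).strip(), m.group(2).strip()))
    return grants


def assess(version_text, sudo_l_output):
    """Combine both prerequisites into one finding for a host."""
    affected = in_affected_range(version_text)
    grants = sudoedit_grants(sudo_l_output)
    return {"affected_version": affected, "sudoedit_grants": grants,
            "exposed": affected and bool(grants)}
```

Distribution packages can carry a backported fix under an older upstream version string, so confirm a positive version match against the vendor advisory before treating the host as unpatched.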

## Notes
- The script attempts to open the /etc/sudoers file using vim if the user is found to be exploitable.
- Important: Use this script only on systems where you have explicit permission to test for vulnerabilities. Unauthorized use of this script is illegal and unethical.


## Author
- Author: D0rDa4aN919

## License
- This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.



File Snapshot

```
[4.0K] /data/pocs/fdfde09098141b4f46c68d2c189c1c937bccc02e
├── [9.2K] exploit.py
├── [7.5K] exploit.sh
├── [1.0K] LICENSE
└── [2.0K] README.md

0 directories, 4 files
```