关联漏洞
标题:
Sudo 安全漏洞
(CVE-2023-22809)
描述:Sudo是一款使用于类Unix系统的,允许用户通过安全的方式使用特殊的权限执行命令的程序。 1.9.12p2 之前的 Sudo存在安全漏洞,该漏洞源于sudoedit(又名 -e)功能错误处理用户提供的环境变量(SUDO_EDITOR、VISUAL 和 EDITOR)中传递的额外参数,从而允许本地攻击者将任意条目附加到要处理的文件列表中 . 这可能导致特权升级。
介绍
# CVE-2023-22809 Exploit Script
Disclaimer
This script is provided for educational purposes only. The author is not responsible for any misuse or unintended consequences resulting from its use. Always follow ethical guidelines and obtain proper authorization before testing any security tools or exploits.
## Description
This Python script is designed to exploit the CVE-2023-22809 vulnerability in `sudo` versions 1.8.0 through 1.9.12p1. This vulnerability allows a local attacker to escalate their privileges by exploiting improper handling of `sudoedit` or `sudo -e` commands.
## Requirements
- Python 3.x | Bash
- `sudo` version 1.8.0 through 1.9.12p1 installed on the target machine
- Access to the `sudo` command with potential `sudoedit` or `sudo -e` capabilities
## Usage
### Basic Usage
The basic usage of this script:
- To execute the script and exploit CVE:
```python
python exploit.py
```
Or
```bash
bash exploit.sh
```
### Options
- To see information about the vulnerability:
```python
python exploit.py -i
```
Or
```bash
bash exploit.sh -i
```
- To see pre requirements for the vulnerability:
```python
python exploit.py -r
```
Or
```bash
bash exploit.sh -r
```
- Help Section:
```python
python exploit.py -h
```
Or
```bash
bash exploit.sh -h
```
## Prerequisites
Before running the exploit, ensure the following:
- Sudo Version: The target system must be running a vulnerable version of sudo. The script checks for versions between 1.8.0 and 1.9.12p1.0
- Sudo Privileges: The current user must have the ability to run sudoedit or sudo -e on files as root.
## Notes
- The script attempts to open the /etc/sudoers file using vim if the user is found to be exploitable.
- Important: Use this script only on systems where you have explicit permission to test for vulnerabilities. Unauthorized use of this script is illegal and unethical.
## Author
- Author: D0rDa4aN919
## License
- This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
文件快照
[4.0K] /data/pocs/fdfde09098141b4f46c68d2c189c1c937bccc02e
├── [9.2K] exploit.py
├── [7.5K] exploit.sh
├── [1.0K] LICENSE
└── [2.0K] README.md
0 directories, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。