CVE-2021-3156
Sudo Baron Samedit Exploit
  
python exploit_cent7_userspec.py Traceback (most recent call last): File "exploit_cent7_userspec.py", line 50, in resource.setrlimit(resource.RLIMIT_STACK, (resource.RLIM_INFINITY, resource.RLIM_INFINITY)) ValueError: not allowed to raise maximum limit Can anyone help?
Hi, worawit. I've learned a lot about heap overflow from your project. But I have a new error during my VM testing: the size parameter of the cmnd function cannot be obtained...
Hello, this pull request makes sure the pwned file does not exist prior to exploitation. I've just experienced one case like that, and obviously the condition `os.stat(PWNED_PATH).st_uid != 0` gave a...
My system version is CentOS 7.9 and the sudo version is 1.8.23. Is CentOS not able to use the vulnerability?
Hi @worawit, Use exploit: **exploit_defaults_mailer.py**. Does this mean that this configuration is not usable or needs some work? End output: > cmnd size: 0x1150 > offset to defaults: 0x0 >...
Line 187 of exploit_nss.py: `proc = subprocess.Popen(['ip', 'addr'], stdout=subprocess.PIPE, bufsize=1, universal_newlines=True)` Generally, ip addr cannot be used directly with low privileges. It can be changed to /sbin/ip, that is, to `['/sbin/ip','addr']`.
Hi @worawit, does this mean that this configuration is not usable or needs some work? End output: > offset to defaults: 0x60 > sudoedit: option `mail_always' does not take a...
Hi worawit, **sudo --version** Sudo version 1.8.21p2 Sudoers policy plugin version 1.8.21p2 Sudoers file grammar version 46 Sudoers I/O plugin version 1.8.21p2 **uname -a** Linux ubuntu 4.15.0-48-generic #51-Ubuntu SMP Wed...
Hello Sleepya, I've been using your successful exploits for a long time and I noticed that on some servers the created account "gg" is blocked after the exploit is implemented...