exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files

Sudo Buffer Overflow / Privilege Escalation
Posted Feb 1, 2021
Authored by nu11secur1ty, Ventsislav Varbanovski, r4j, cts | Site nu11secur1ty.com

Sudo versions prior to 1.9.5p2 suffer from buffer overflow and privilege escalation vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2021-3156
SHA-256 | df2faf65c7a84b5633290e4d3a7d6958932b30e7692ccdb236b728a8b89c4678

Related Files

Heap-Based Overflow Vulnerability In Sudo
Posted Jun 4, 2021
Authored by Akshay Sharma, Yamini Sharma

Whitepaper giving an overview of a heap-based buffer overflow in sudo.

tags | paper, overflow
advisories | CVE-2021-3156
SHA-256 | a3e0235d128111d0eec7f203028bcf0e94013d131d5f35034ead6f7a4c3fc3ec
Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow
Posted Feb 5, 2021
Authored by Blasty, Spencer McIntyre, Qualys Security Advisory, bwatters-r7, Alexander Krog | Site metasploit.com

A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations. The technique used by this implementation leverages the overflow to overwrite a service_user struct in memory to reference an attacker controlled library which results in it being loaded with the elevated privileges held by sudo.

tags | exploit, overflow, local
advisories | CVE-2021-3156
SHA-256 | cdf458fa2ff6a679afd1037bdb879758b301305b20f223b3aade629bb97b04bc
Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation
Posted Feb 3, 2021
Authored by West Shepherd, Baron Samedit, Stephen Tong

Sudo version 1.9.5p1 Baron Samedit heap-based buffer overflow and privilege escalation exploit.

tags | exploit, overflow
advisories | CVE-2021-3156
SHA-256 | 5c92904142e5934f1e20b05addc2261131559831f8576f64bf6cb2dca6f49edb
Sudo 1.8.25p Buffer Overflow
Posted Feb 4, 2020
Authored by Joe Vennix

Sudo version 1.8.25p suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2019-18634
SHA-256 | 13793f27ea49c2e00cf68927042c89a45205495be48da25ef5de1bffae73c805
sudo 1.8.28 Security Bypass
Posted Oct 15, 2019
Authored by joev, Mohin Paramasivam

sudo version 1.8.28 suffers from a security bypass vulnerability.

tags | exploit, bypass
SHA-256 | ec35a5c3501bc30592776b4e452cfc692b4f63c07d8cfcfbaac9a2658edd5f5a
Docker Sudo Privilege Escalation
Posted Jan 18, 2018
Authored by Pype

If a user has sudo permissions to /usr/bin/docker, it can be leveraged to escalated privileges to root.

tags | exploit, root
SHA-256 | a181d17e97674635831b162ae57ef255badec70a2f142f2bfd18ed1903842ef8
Mac OS X Sudo Password Bypass
Posted Aug 26, 2013
Authored by Todd C. Miller, juan vazquez, joev | Site metasploit.com

This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the "admin group"), and the user has ever run the "sudo" command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970. This Metasploit module will fail silently if the user is not an admin or if the user has never run the sudo command.

tags | exploit, root
systems | apple, osx
advisories | CVE-2013-1775, OSVDB-90677
SHA-256 | 861501e9890ef0e4cff6780f3ce32dadf2038337f7e60f127a1275773d181e73
Todd Miller sudoedit Root Exploit
Posted Mar 3, 2010
Authored by Kingcope

Todd Miller sudo 'sudoedit' local root exploit that affects 1.6.x versions before 1.6.9p21 and 1.7.x versions before 1.7.2p4.

tags | exploit, local, root
SHA-256 | 0bc5ddb8c9f78020b6fdf754af735e0f64922f9795dab864f38f4d35c23c24d5
SudoSH 3.2.0
Posted Dec 1, 2009
Site sourceforge.net

sudosh3 is an auditing shell and filter based on sudosh2. It aims to improve file management and terminal emulation. Passwords are not recorded.

tags | tool, shell
systems | unix
SHA-256 | 8a1099da9a6115db2cf70112aa48600bd056c868e98ac27e80b07bfab4b7b362
sudoers-shellcode.txt
Posted Nov 19, 2008
Authored by Rick

86 byte Linux/x86 edit /etc/sudoers for full access.

tags | x86, shellcode
systems | linux
SHA-256 | 7d3c24f1326c9839b67cda1c267ce7c0840d066c32b99df5a080ae3f91c26e2f
sudo-local.txt
Posted Nov 16, 2008
Authored by Kingcope

sudo versions 1.6.9p18 and below local privilege escalation exploit.

tags | exploit, local
SHA-256 | 6e57487ed8ff8bd6fa393ab37f987f4b0a6eca1c9148499ace460988dfcf6daa
Mandriva Linux Security Advisory 2005.234
Posted Dec 28, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Charles Morris discovered a vulnerability in sudo versions prior to 1.6.8p12 where, when the perl taint flag is off, sudo does not clear the PERLLIB, PERL5LIB, and PERL5OPT environment variables, which could allow limited local users to cause a perl script to include and execute arbitrary library files that have the same name as library files that included by the script.

tags | advisory, arbitrary, local, perl
systems | linux, mandriva
SHA-256 | 4ac05f5250746008f7cc1d3a17896fef9440b0e513f9e63a2f86e8a3f70c404a
sudo168p10.sh.txt
Posted Nov 10, 2005
Authored by breno

Local root exploit for sudo versions below 1.6.8p10 that makes use of the environment cleaning flaws with the SHELLOPTS and PS4 variables.

tags | exploit, local, root
advisories | CVE-2005-2959
SHA-256 | 01540d7b6b0b6ee45a0878ef444900d18cdc75c2444c243cfc128279fd8df1b5
sudo168-9.txt
Posted Jun 21, 2005
Site sudo.ws

A race condition exists in Sudo's command pathname handling prior to Sudo version 1.6.8p9 that could allow a user with Sudo privileges to run arbitrary commands.

tags | advisory, arbitrary
SHA-256 | a70767bc3df652f28565e7a7ef5f5857dd8f651bee8d0dcfe89f265f2852c080
sudoedit.txt
Posted Sep 21, 2004
Authored by Angelo Rosiello | Site rosiello.org

Local exploit for sudo version 1.6.8p1 that makes use of a flaw in sudoedit.

tags | exploit, local
SHA-256 | ab1bfd7ddab1b1c6b89d7c8e3bdb7bc786b3bad054180fc0cc417bc68c3ca04f
sudo168.txt
Posted Sep 21, 2004

sudo version 1.6.8p1 has been released to address a security flaw in sudoedit that could give a malicious user read access to file that would normally be unreadable.

tags | advisory
SHA-256 | efab4b67cba3f43b49749ab3f9feff2c10711daa2901a428c6afc8c3591c8f21
sudo-xpl.sh
Posted Jan 17, 2002
Authored by Charles Stevenson

Local root exploit for sudo + postfix. Exploits sudo prior to sudo-1.6.4.1. Tested on debian powerpc unstable.

tags | exploit, local, root
systems | linux, debian
SHA-256 | 56c4a7509e2a9ce7833c6d4cb82396da0284a904354b620cfe74d1de0f8ee533
sudo.info.txt
Posted Aug 17, 1999

Sudo v1.5.6p2-2, a program that provides limited superuser privileges, does not properly handle improper file access attempts, revealing information about file existence.

tags | exploit
SHA-256 | d81be80f43f14771ac7b8428d07e62304fc1814ba6697f40b29a6e5dfb69ccfb
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close