Root shell PoC for CVE-2021-3156

Related tags

Artificial Intelligence CVE-2021-3156
Overview

CVE-2021-3156

Root shell PoC for CVE-2021-3156 (no bruteforce)

For educational purposes etc.

Tested on Ubuntu 20.04 against sudo 1.8.31

All research credit: Qualys Research Team Check out the details on their blog.

You can check your version of sudo is vulnerable with: $ sudoedit -s Y. If it asks for your password it's most likely vulnerable, if it prints usage information it isn't. You can downgrade to the vulnerable version on Ubuntu 20.04 for testing purposes with $ sudo apt install sudo=1.8.31-1ubuntu1

Usage

$ make

$ ./exploit

You might also like...
Code and Data for our CVPR 2021 paper "Structured Scene Memory for Vision-Language Navigation"

SSM-VLN Code and Data for our CVPR 2021 paper "Structured Scene Memory for Vision-Language Navigation". Environment Installation Download Room-to-Room

hanqing 35 Dec 3, 2022
The official implementation of our CVPR 2021 paper - Hybrid Rotation Averaging: A Fast and Robust Rotation Averaging Approach

Graph Optimizer This repo contains the official implementation of our CVPR 2021 paper - Hybrid Rotation Averaging: A Fast and Robust Rotation Averagin

Chenyu 109 Dec 23, 2022
C++ Implementation of "An Equivariant Filter for Visual Inertial Odometry", ICRA 2021

EqF VIO (Equivariant Filter for Visual Inertial Odometry) This repository contains an implementation of an Equivariant Filter (EqF) for Visual Inertia

null 60 Nov 15, 2022
Offical repo for
Offical repo for "Moynihan, M., Ruano, S., Pagés, R. and Smolic, A., 2021. Autonomous Tracking For Volumetric Video Sequences"

MeshTracker A segmentation-based tracking algorithm for registering volumetric video meshes (ply/obj) in C++. This is the official implementation of t

V-Sense 22 Nov 7, 2022
Python and C++ implementation of
Python and C++ implementation of "MarkerPose: Robust real-time planar target tracking for accurate stereo pose estimation". Accepted at LXCV Workshop @ CVPR 2021.

MarkerPose: Robust Real-time Planar Target Tracking for Accurate Stereo Pose Estimation This is a PyTorch and LibTorch implementation of MarkerPose: a

Jhacson Meza 47 Nov 18, 2022
Repository to keep track of progress; Started learning C on 2nd September 2021.

Repository to keep track of progress. I started learning C on 2nd September 2021. The future: I plan on turning this repository into a tutorial with c

aether 4 Dec 16, 2021
[CVPR 2021] NormalFusion: Real-Time Acquisition of Surface Normals for High-Resolution RGB-D Scanning

NormalFusion: Real-Time Acquisition of Surface Normals for High-Resolution RGB-D Scanning Project Page | Paper | Supplemental material #1 | Supplement

KAIST VCLAB 50 Jan 2, 2023
The code for C programming 2021, Department of Computer Science, National Taiwan University.

C2021 .c for sousce code, .in for input file, and .out for correct output. The numbers are the problem indices in the judge system. "make number" to m

Pangfeng Liu 6 Jan 10, 2022
Mixed reality VR laser tag using Oculus Quest 2 and OAK-D depth cameras. First prize winner for North America region in OpenCV AI Competition 2021.
Mixed reality VR laser tag using Oculus Quest 2 and OAK-D depth cameras. First prize winner for North America region in OpenCV AI Competition 2021.

Mixed Reality Laser Tag Copyright 2021 Bart Trzynadlowski Overview This is the source code to my Mixed Reality Laser Tag project, which won first priz

null 34 Jun 3, 2022
Comments
  • Only Ubuntu is vulnerable

    Only Ubuntu is vulnerable

    I tried the exploit on several different old Centos. Exploit fails

    CentOS release 6.10 Linux version 2.6.32-696 Sudo version 1.8.6p3 Sudoers policy plugin version 1.8.6p3 Sudoers file grammar version 42 Sudoers I/O plugin version 1.8.6p3 ldd (GNU libc) 2.12

    sudoedit -s / sudoedit: /: not a regular file

    opened by snwoeinogge 1
Owner
CptGibbon
CptGibbon
GitHub
Square Root Bundle Adjustment for Large-Scale Reconstruction

Square Root Bundle Adjustment for Large-Scale Reconstruction

Nikolaus Demmel 205 Dec 20, 2022
CVE-2021-3156非交互式执行命令

CVE-2021-3156 This is a warehouse modification based on @CptGibbon and supports arbitrary command execution. 相关阅读:CVE-2021-3156 - Exploit修改 Root shell

倾旋 188 Nov 15, 2022
Investigating the bug behind CVE-2021-26708

vsock_poc Investigating the bug behind CVE-2021-26708 This repo contains a small writeup about CVE-2021-26708, and how this bug can be turned into a U

Jordan 25 Sep 19, 2022
2021/3/30 ~ 2021/7/12 に行われる企画「競プロ典型 90 問」の問題・解説・ソースコードなどの資料をアップロードしています。

競プロ典型 90 問 日曜を除く毎朝 7:40 に競プロやアルゴリズムの教育的な問題を Twitter(@e869120)に投稿する企画です。 本企画は、2021 年 3 月 30 日から 7 月 12 日まで行われる予定です。 企画の目的 「競プロ典型 90 問」は、競プロ初級者から中上級者(レー

Masataka Yoneda 709 Dec 29, 2022
A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.

PCIBan A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support. This is probably very unsafe, not supporting edg

null 62 Dec 28, 2022
https://cve.mitre.org/

CVE-Mitre Download single CVE The variable is only for example ;) you can make your own SVN script for downloading a single folder = CVE =) BR @nu11se

nu11secur1ty 42 Dec 5, 2022
ICRA 2021 - Robust Place Recognition using an Imaging Lidar

Robust Place Recognition using an Imaging Lidar A place recognition package using high-resolution imaging lidar. For best performance, a lidar equippe

Tixiao Shan 296 Jan 1, 2023
Material for the UIBK Operating Systems Lab (2021)

UIBK Operating Systems Lab 2021 This repository contains material required to complete exercises for the OS lab in the 2021 summer semester, including

null 13 Nov 3, 2022
Aulas de Sistemas Operativos da turma LI42D no semestre de verão de 2020/2021

ISEL - Sistemas Operativos LI42D - Verão de 2021 Aulas de Sistemas Operativos da turma LI42D no semestre de verão de 2020/2021 Aulas Remotas em Direct

null 12 May 6, 2022
Official PyTorch Code of GrooMeD-NMS: Grouped Mathematically Differentiable NMS for Monocular 3D Object Detection (CVPR 2021)

GrooMeD-NMS: Grouped Mathematically Differentiable NMS for Monocular 3D Object Detection GrooMeD-NMS: Grouped Mathematically Differentiable NMS for Mo

Abhinav Kumar 76 Jan 2, 2023