CVE-2021-3493 Ubuntu OverlayFS Local Privesc (Interactive Bash Shell & Execute Command Entered)

Related tags

Cryptography linux ubuntu exploit privesc
Overview

CVE-2021-3493

sample

Ubuntu OverlayFS Local Privesc

Description

"Ubuntu specific issue in the overlayfs file system in the Linux kernel where it did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges, due to a patch carried in Ubuntu to allow unprivileged overlayfs mounts." - Ubuntu Security

Fixed in Linux 5.11

Affected Versions

  • Ubuntu 20.10
  • Ubuntu 20.04 LTS
  • Ubuntu 19.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 ESM

checklist: https://ubuntu.com/security/CVE-2021-3493

Usage

  • gcc exploit.c -o exploit
  • chmod +x exploit
  • ./exploit shell|command

References

You might also like...
vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.
vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.

CVE-2021-31727 and CVE-2021-31728 Public Reference for CVE-2021-31727 Exposes unrestricted disk read/write capabilities. Public Reference for CVE-2021

null 66 Dec 4, 2022
PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits

PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) Summary This is a remote code execution vulnerability tha

Jay K 72 Nov 18, 2022
Interactive-hex-meshing - Source code for
Interactive-hex-meshing - Source code for "Interactive All-Hex Meshing via Cuboid Decomposition [SIGGRAPH Asia 2021]".

Interactive All-Hex Meshing via Cuboid Decomposition Video demonstration This repository contains an interactive software to the PolyCube-based hex-me

Lingxiao Li 131 Dec 5, 2022
Local Privilege Escalation Edition for CVE-2021-1675
Local Privilege Escalation Edition for CVE-2021-1675

Local Privilege Escalation Edition of CVE-2021-1675/CVE-2021-34527 Local Privilege Escalation implementation of the CVE-2021-1675/CVE-2021-34527 (a.k.

Halil Dalabasmaz 334 Jan 5, 2023
CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day

WindowsMDM-LPE-0Day Works best on Windows 11 CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still

Exploit Blizzard 35 Nov 9, 2022
Plex media server local privilige escalation poc - CVE-2021-42835

Local Privilege PlEXcalasion - CVE-2021-42835 Plex Media Server for Windows prior to version 1.25.0.5282, vulnerable to Time Of Check Time Of Use (TOC

null 6 May 24, 2022
This repository contains an exploit of CVE-2021-4034, a local privilege escalation in pkexec

pwnkit (CVE-2021-4034) Privilege Escalation exploit sample This repository contains an exploit of CVE-2021-4034, a local privilege escalation in pkexe

Peter Gottesman 29 Dec 20, 2022
CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept
CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept

CVE-2021-4034 Proof of Concept Qualys researches found a pretty cool local privilege escalation vulnerability in Polkit's pkexec: writeup, tweet. This

Marco Bonelli 20 Jun 22, 2022
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

PwnKit Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation Usage Should work out of the box on Linux distributions based on U

Oliver Lyak 702 Dec 28, 2022
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) https://seclists.org/oss-sec/2022/q1/80 http

Andris Raugulis 933 Dec 22, 2022
CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation

CVE-2021-4034 CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation 根据CVE-2021-4034进行了加强,执行Exploit将会默认添加用户名rooter,密码Hello@World,并且rooter用户将具

倾旋 89 Dec 12, 2022
An exploit for CVE-2021-4034 aka Pwnkit: Local Privilege Escalation in polkit's pkexec

CVE-2021-4034 Exploit Usage $ git clone https://github.com/whokilleddb/CVE-2021-4034 $ cd CVE-2021-4034 $ make [!] CVE-2021-4034 Exploit By whokilledd

whokilleddb 3 Jun 30, 2022
This project simulates the functionality of the Unix Bash shell.

Minishell This project simulates the functionality of the unix Bash shell. Description The project aim was to recreate the functionality of the unix B

Andreas Gebert 0 Jan 6, 2022
Minishell - This project aims to recreate most of the bash shell.
Minishell - This project aims to recreate most of the bash shell.

minishell Contents Info How to use Clone repo and submodules Linux dependencies MAC dependencies Compile and execute Install Features Built-in command

izenynn 2 Jun 9, 2022
Root shell PoC for CVE-2021-3156

CVE-2021-3156 Root shell PoC for CVE-2021-3156 (no bruteforce) For educational purposes etc. Tested on Ubuntu 20.04 against sudo 1.8.31 All research c

CptGibbon 119 Jan 3, 2023
crypted admin shell: SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris and OSX
crypted admin shell: SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris and OSX

crypted admin shell: SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris and OSX

Sebastian 135 Jan 2, 2023
simple c program thats spawns a shell wants executed, this shell will detect your os and upon entering will erase or reset the system V1.0

kill-shell simple c program thats spawns a shell wants executed, this shell will detect your os and upon entering will erase or reset the system V1.0

RE43P3R 1 Oct 18, 2021
Pine's ok shell, a shell in C++

POSH Pine's ok shell, a shell in C++ Answers to questions nobody asked. "Is your name Pine?" No, although that would be neat. Pine is supposed to be a

Boops-Boops 1 Nov 6, 2021
A library for interactive command line interfaces in modern C++
A library for interactive command line interfaces in modern C++

cli A cross-platform header only C++14 library for interactive command line interfaces (Cisco style) Features Header only Cross-platform (linux and wi

Daniele Pallastrelli 888 Dec 31, 2022
Owner
3ND
3ND
GitHub
PrintNightmare , Local Privilege Escalation of CVE-2021-1675 or CVE-2021-34527

CVE-2021-1675-LPE-EXP Simple LPE Exploit of CVE-2021-1675 Usage CVE-2021-1675-LPE.exe

evilash 51 Dec 4, 2022
vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.

CVE-2021-31727 and CVE-2021-31728 Public Reference for CVE-2021-31727 Exposes unrestricted disk read/write capabilities. Public Reference for CVE-2021

null 66 Dec 4, 2022
PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits

PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) Summary This is a remote code execution vulnerability tha

Jay K 72 Nov 18, 2022
CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center)

CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center) General Affected Product: MSI Dragon Center Affected Version: 2.0.104.0 Descri

Rajat Gupta 27 Jul 20, 2022
Library and command line tool to detect SHA-1 collision in a file

sha1collisiondetection Library and command line tool to detect SHA-1 collisions in files Copyright 2017 Marc Stevens [email protected] Distributed

Marc Stevens 1.2k Dec 29, 2022
FCracker is a command line tool designed to brute force encrypted files like zip, 7z, rar, pdf etc.

FCrack is a command-line tool designed to brute force encrypted files like zip, 7z, rar, pdf, gpg etc.

null 23 Dec 21, 2022
Ubuntu OverlayFS Local Privesc

CVE-2021-3493 Ubuntu OverlayFS Local Privesc Affected Versions Ubuntu 20.10 Ubuntu 20.04 LTS Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 ESM Usage

Chris Wild 327 Dec 17, 2022
PrintNightmare , Local Privilege Escalation of CVE-2021-1675 or CVE-2021-34527

CVE-2021-1675-LPE-EXP Simple LPE Exploit of CVE-2021-1675 Usage CVE-2021-1675-LPE.exe

evilash 51 Dec 4, 2022
SimPle SHell - minimalist Unix interactive shell written in a single C file

SimPle SHell - minimalist Unix interactive shell written in a single C file. The shell does not support scripting yet and is in an early stage of development. If you notice any bug, please open an issue on github.

sewe2000 2 Oct 24, 2021
My_Shell is a user-defined interactive shell written in C that works similar to the original shell in linux

MY_SHELL Overview My_Shell is a user-defined interactive shell written in C that works similar to the original shell and it can execeute many of the l

Greeshma 1 Nov 22, 2021