Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
README.md		README.md
exploit.sh		exploit.sh

Repository files navigation

CVE-2023-22809

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22809

Exploit Title: sudo 1.8.0 - 1.9.12p1 - Privilege Escalation

Exploit Author: n3m1.sys

CVE: CVE-2023-22809

Date: 2023/01/21

Vendor Homepage: https://www.sudo.ws/

Software Link: https://www.sudo.ws/dist/sudo-1.9.12p1.tar.gz

Version: 1.8.0 to 1.9.12p1

Tested on: Ubuntu Server 22.04 - vim 8.2.4919 - sudo 1.9.9

Running this exploit on a vulnerable system allows a localiattacker to gain

a root shell on the machine.

The exploit checks if the current user has privileges to run sudoedit or

sudo -e on a file as root. If so it will open the sudoers file for the

attacker to add a line to gain privileges on all the files and get a root

shell.

About

No description, website, or topics provided.

Report repository

Releases

No releases published

Packages

No packages published

Languages

Shell 100.0%