Sudo-Security-Bypass-CVE-2019-14287

===========================================================================

	 ██████╗██╗   ██╗███████╗    ██████╗  ██████╗  ██╗ █████╗        ██╗██╗  ██╗██████╗  █████╗ ███████╗
	██╔════╝██║   ██║██╔════╝    ╚════██╗██╔═████╗███║██╔══██╗      ███║██║  ██║╚════██╗██╔══██╗╚════██║
	██║     ██║   ██║█████╗█████╗ █████╔╝██║██╔██║╚██║╚██████║█████╗╚██║███████║ █████╔╝╚█████╔╝    ██╔╝
	██║     ╚██╗ ██╔╝██╔══╝╚════╝██╔═══╝ ████╔╝██║ ██║ ╚═══██║╚════╝ ██║╚════██║██╔═══╝ ██╔══██╗   ██╔╝
	╚██████╗ ╚████╔╝ ███████╗    ███████╗╚██████╔╝ ██║ █████╔╝       ██║     ██║███████╗╚█████╔╝   ██║
	 ╚═════╝  ╚═══╝  ╚══════╝    ╚══════╝ ╚═════╝  ╚═╝ ╚════╝        ╚═╝     ╚═╝╚══════╝ ╚════╝    ╚═╝

                                
                                  
                                 Sudo Security Bypass Test

                    ========= By Vivek Yadav (www.shallvhack.com)=========

=============================================================================

Vulnerability Description

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u #$((0xffffffff))" command.

Script Description

This is a simple Proof of concept to test for recently disclosed Sudo Security Bypass vulnerability known as CVE-2019-14287.

Recommendation

The best suggession for now would be to update the sudo to the version 1.8.28 or above.

Contact me on:

Website: www.shallvhack.com

Twitter : www.twitter.com/shallvhack

Facebook : www.facebook.com/shallvhack

Github : https://github.com/shallvhack

LinkedIn : https://in.linkedin.com/in/vyvivekyadav04