CVE-2023-22809

Running this exploit on a vulnerable system allows a local attacker to gain a root shell on the machine.

CVE-2023-22809 CVE-2023-22809 is a critical vulnerability that affects the popular sudo software, specifically the sudoedit command This vulnerability allows an attacker to gain root privileges on a targeted system by exploiting a flaw present in the sudoedit command Exploiting the CVE-2023-22809 vulnerability involves passing a specially crafted argument to the sudoedit comm

Analysis & Exploit

CVE-2023-22809 Analysis & Exploit 基本情况 漏洞编号：CVE-2023-22809 漏洞等级：高危 漏洞评分：78分 影响版本：sudo 180-sudo 1912p1(sudo>=180 or sudo <=1912p1) 攻击效果：本地提权 攻击手法 修改/etc/passwd中root为用户名，见exp_passwdsh 修改/etc/sudoers规定用户X可以无密码执行任何操作，�

CVE-2023-22809

patch_CVE-2023-22809 Bash Script: sudo Installation This Bash script automates the installation of the latest version of sudo on your system Prerequisites Linux-based operating system wget package installed (can be installed using the package manager) Usage Clone or download this repository to your local machine Navigate to the directory containing the script Open a termi

CVE-2023-22809 Ref: cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2023-22809 Exploit Title: sudo 180 - 1912p1 - Privilege Escalation Exploit Author: n3m1sys CVE: CVE-2023-22809 Date: 2023/01/21 Vendor Homepage: wwwsudows/ Software Link: wwwsudows/dist/sudo-1912p1targz Version: 180 to 1912p1 Tested on: Ubuntu Server 2204 - vim 824919 - su

Minimal alternative to sudoedit

Rdoedit (RootDO edit) Minimal alternative to sudoedit This project aims to be a minimal alternative to sudoedit Sudoedit by itself is over 700 lines of code by itself, not including all the header files or the fact that it's part of sudo There is no reason why such a simple app should be so bloated or come bundled with bloat like sudo This readme is likely more verbose

A script to automate privilege escalation with CVE-2023-22809 vulnerability

CVE-2023-22809 sudo Privilege escalation Affected sudo versions: 180 to 1912p1 This script automates the exploitation of the CVE-2023-22809 vulnerability to gain a root shell The script checks if the current user has access to run the sudoedit or sudo -e command for some file with root privileges If it does it opens the sudoers file for the attacker to introduce the privi

Linux Privilege Escalation Exploit for CVE-2021-3560 (Sudoedit aka -e) - Local Privilege Escalation *For educational and authorized security research purposes only* Original Exploit Authors n3m1dotsys Vulnerability Description In Sudo before 1912p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUA

CVE-2023-22809 Linux Sudo

CVE-2023-22809-sudo-POC CVE-2023-22809 Linux Sudo

My README.md

Hi there 👋 My name is Martín, aka n3m1sys on Internet I'm a cybersecurity consultant and ethical hacker What do I do? I do not program very frequently Sometimes I develop exploit scripts, and simple programs to automate things List of exploits I developed githubcom/n3m1sys/CVE-2023-22809-sudoedit-privesc githubcom/n3m1sys/CVE-2018-16763-

My README.md

Hi there 👋 My name is Martín, aka n3m1sys on Internet I'm a cybersecurity consultant and ethical hacker What do I do? I do not program very frequently Sometimes I develop exploit scripts, and simple programs to automate things List of exploits I developed githubcom/n3m1sys/CVE-2023-22809-sudoedit-privesc githubcom/n3m1sys/CVE-2018-16763-