Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

CVE-2021-3156 PoC — Sudo 缓冲区错误漏洞

Source
https://github.com/Bad3r/CVE-2021-3156-without-ip-command
Associated Vulnerability
Title:Sudo 缓冲区错误漏洞 (CVE-2021-3156)
Description:Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Description
fork of worawit/CVE-2021-3156 exploit_nss.py modified to work with ifconfig instead of the ip command
Readme
# CVE-2021-3156-without-ip-command
fork of [worawit/CVE-2021-3156 exploit_nss.py](https://github.com/worawit/CVE-2021-3156/blob/main/exploit_nss.py) modified to work with ifconfig instead of the ip command

```sh
wget https://github.com/Bad3r/CVE-2021-3156-without-ip-command/raw/refs/heads/main/exploit_nss.py
# or
wget https://cdn.unsigned.sh/exploit_nss.py
```
File Snapshot

 [4.0K]  /data/pocs/8fb969f37e5e361b91ed0362a21ea5e5e5c73fd1
├── [9.4K]  exploit_nss.py
├── [1.5K]  LICENSE
└── [ 364]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →