CVE-2021-3156 PoC — Sudo 缓冲区错误漏洞

Source

https://github.com/RodricBr/CVE-2021-3156

Associated Vulnerability

Title:Sudo 缓冲区错误漏洞 (CVE-2021-3156)
Description:Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Description

CVE-2021-3156

Readme

# Exploit CVE-2021-3156

## Executing: <br>

```bash
$ git clone https://github.com/RodricBr/CVE-2021-3156
$ cd CVE-2021-3156/
$ chmod u+x programa.sh
$ ./programa.sh
```

## One-Liner: <br>

```bash
AA=$(sudo --version | tr '[:space:]' ','| tr -d '.'  | cut -d ',' -f3 | awk '{print $0}'); [[ "$AA" -lt 1828 ]] && echo -e "Exploitável\nCVE-2021-3156"; [[ "$AA" -lt 1827 ]] && echo -e "Não é Exploitável!";
```

File Snapshot


 [4.0K]  /data/pocs/abb08f5dc2c45d96a4594ba22d83b3e14fceca95
├── [ 337]  programa.sh
└── [ 415]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!