Automates vulnerability check for sudo versions and privilege escalation via sudoedit if exploitable, helping users test and gain root access.# CVE-2023-22809-automated-python-exploits
automatically exploit the sudoedit vulnerability fo CVE-2023-22809
For guide use the following link
https://medium.com/@spydomain1/cve-2023-22809-f36a2b3804b3
# CVE-2023-22809 Automated Exploit - Python Script
## 📌 Description
This Python script automates the exploitation of **CVE-2023-22809**, a vulnerability affecting certain versions of `sudo` when used with `sudoedit`. If the user is allowed to run `sudoedit` or `sudo -e` on arbitrary files **as root**, privilege escalation is possible. This script checks for the vulnerable version, verifies `sudoedit` privileges, and then helps escalate to root by modifying `/etc/sudoers`.
> ⚠️ **DISCLAIMER:** This tool is for educational and authorized penetration testing purposes only. Do not use it on systems you do not own or have permission to test.
---
## 🧠 Vulnerability Overview
- **CVE ID:** CVE-2023-22809
- **Vulnerable sudo versions:**
- 1.8
- 1.9.0 to 1.9.3
- 1.9.12p1
- **Affected feature:** `sudoedit` (`sudo -e`)
- **Impact:** Local Privilege Escalation (LPE) to root
---
## ⚙️ How It Works
1. **Version Check:** Confirms the installed `sudo` version is within the vulnerable range.
2. **Sudo Privilege Check:** Verifies if the current user has access to `sudoedit` or `sudo -e` as root or with `(ALL)` privileges.
3. **Exploitation Steps:**
- Displays the line to add into the `/etc/sudoers` file.
- Opens `/etc/sudoers` with `sudoedit`.
- Grants root shell using `sudo su root`.
---
## 🧪 Requirements
- Python 3.x
- Sudo installed on the target machine
- Vulnerable `sudo` version installed
- Target user has `sudoedit` access with `(root)` or `(ALL)` privileges
---
## 🚀 Usage
```bash
cd CVE-2023-22809-automated-python-exploits/
python3 script.py
```
[4.0K] /data/pocs/b9d3ef15c2751d654121597cd8155ce07b7eeb32
├── [1.8K] README.md
└── [2.0K] script.py
0 directories, 2 files