CVE-2025-32462 PoC — Sudo Security Vulnerability

Associated Vulnerability
Title: Sudo Security Vulnerability (CVE-2025-32462)
Description: Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
Description
The vulnerability was found by Rich Mirch. More details on it here: https://cxsecurity.com/issue/WLB-2025070022
Readme
# CVE-2025-32462 - Sudo Host Bypass Exploit

## Original Discovery
This vulnerability was discovered by Rich Mirch.  
More details can be found at:  
https://cxsecurity.com/issue/WLB-2025070022

## About
This script is an exploit for CVE-2025-32462, allowing privilege escalation by bypassing sudo's host restrictions.  
It targets Linux systems with affected versions of sudo and requires that the `sudo -h` option is accepted with `NOPASSWD` rights.

## Notes
This implementation was written by J3rich0123 for educational and CTF purposes.  
Credit for discovery remains solely with Rich Mirch.

## Usage
Run the script to start a pseudo-root shell on a target host defined in `TARGET_HOST`.  
For a full interactive shell, type `bash` inside the prompt or run `vim` → `:!bash`.
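
The vulnerability description above turns on sudoers rules whose host is neither `ALL` nor the current host. As an added defensive example (not part of this repository or the original advisory), this Python audit flags such rules and compares a `sudo -V` version string against 1.9.17p1. The function names, sample sudoers and hostnames are constructed, and only simple `user host = ...` rules and `Host_Alias` lines are handled.

```python
import re

FIXED = (1, 9, 17, 1)  # 1.9.17p1, the fixed release named in the description

def parse_sudo_version(text):
    """Return (major, minor, patch, p-level) from `sudo -V` style output."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError("no sudo version found")
    return tuple(int(g or 0) for g in m.groups())

def is_affected_version(text):
    return parse_sudo_version(text) < FIXED

def logical_lines(sudoers):
    """Join backslash continuations; drop blanks, comments and #include lines."""
    for line in map(str.strip, re.sub(r"\\\n", " ", sudoers).splitlines()):
        if line and not (line.startswith("#") and not re.match(r"#\d", line)):
            yield line

def risky_host_rules(sudoers, hostname):
    """List (rule, hosts) where a rule names a host other than ALL or this host."""
    local = {hostname.lower(), hostname.split(".")[0].lower()}
    aliases, specs = {}, []
    for line in logical_lines(sudoers):
        if "=" not in line or line.startswith(("Defaults", "@include")):
            continue
        left, right = line.split("=", 1)
        tokens = re.sub(r"\s*,\s*", ",", left.strip()).split()
        if len(tokens) == 2 and tokens[0] == "Host_Alias":
            aliases[tokens[1]] = [h.strip() for h in right.split("#")[0].split(",")]
        elif len(tokens) == 2 and not tokens[0].endswith("_Alias"):
            specs.append((line, tokens[1].split(",")))
    findings = []
    for line, names in specs:
        hosts = [h for n in names for h in aliases.get(n, [n])]
        foreign = [h for h in hosts if h != "ALL" and h.lower() not in local]
        if foreign:
            findings.append((line, foreign))
    return findings

# Constructed sample sudoers (not from the page); hostnames are made up.
SAMPLE_SUDOERS = """\
Defaults secure_path="/usr/sbin:/usr/bin"
Host_Alias BUILD = build01, build02
root   ALL = (ALL:ALL) ALL
alice  web01 = (ALL) ALL
bob    BUILD, db01 = NOPASSWD: \\
       /usr/bin/systemctl
"""
```

Distribution packages can carry the fix without changing the upstream version number, so treat the version comparison as an indicator and confirm against the vendor advisory. Host entries the audit does not interpret (netgroups, IP addresses, wildcards, negations) are reported as foreign hosts for manual review.
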
File Snapshot

[4.0K] /data/pocs/e72a3400a0694f92b0777dc43fea274fc02f897f
├── [ 928] exploit.sh
└── [ 783] README.md

0 directories, 2 files