Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-22809 PoC — Sudo 安全漏洞

Source
https://github.com/D0rDa4aN919/CVE-2023-22809-Exploiter
Associated Vulnerability
Title:Sudo 安全漏洞 (CVE-2023-22809)
Description:In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
Readme
# CVE-2023-22809 Exploit Script

Disclaimer
This script is provided for educational purposes only. The author is not responsible for any misuse or unintended consequences resulting from its use. Always follow ethical guidelines and obtain proper authorization before testing any security tools or exploits.

## Description

This Python script is designed to exploit the CVE-2023-22809 vulnerability in `sudo` versions 1.8.0 through 1.9.12p1. This vulnerability allows a local attacker to escalate their privileges by exploiting improper handling of `sudoedit` or `sudo -e` commands.

## Requirements

- Python 3.x | Bash
- `sudo` version 1.8.0 through 1.9.12p1 installed on the target machine 
- Access to the `sudo` command with potential `sudoedit` or `sudo -e` capabilities

## Usage

### Basic Usage
The basic usage of this script:
- To execute the script and exploit CVE:
```python
python exploit.py
```
Or
```bash
bash exploit.sh
```

### Options
- To see information about the vulnerability:
```python
python exploit.py -i
```
Or
```bash
bash exploit.sh -i
```
- To see pre requirements for the vulnerability:
```python
python exploit.py -r
```
Or
```bash
bash exploit.sh -r
```
- Help Section:
```python
python exploit.py -h
```
Or
```bash
bash exploit.sh -h
```

## Prerequisites
Before running the exploit, ensure the following:
- Sudo Version: The target system must be running a vulnerable version of sudo. The script checks for versions between 1.8.0 and 1.9.12p1.0
- Sudo Privileges: The current user must have the ability to run sudoedit or sudo -e on files as root.

## Notes
- The script attempts to open the /etc/sudoers file using vim if the user is found to be exploitable.
- Important: Use this script only on systems where you have explicit permission to test for vulnerabilities. Unauthorized use of this script is illegal and unethical.


## Author
- Author: D0rDa4aN919

## License
- This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
File Snapshot

 [4.0K]  /data/pocs/fdfde09098141b4f46c68d2c189c1c937bccc02e
├── [9.2K]  exploit.py
├── [7.5K]  exploit.sh
├── [1.0K]  LICENSE
└── [2.0K]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →