e6fca2453f1ee89f8f1a7ee145c86db3e2ac50b4
+ Improved tests on sudoers config file: **the original script has some pitfalls that wouldn't allow the script to run even if the config is vulnerable**, for example when sudoedit is configured with (ALL) or (ALL : ALL) instead of (root), which are still vulnerable configurations. In the last case, it will also break the original script because of the way the last grep was implemented; it's also fixed in this version.
+ Added **test to check** if sudo **version** is vulnerable.
+ **Fixed bug** *"EDITOR: command not found"* when trying to open the editor and typo in `etc/sudoers` filename.
CVE-2023-22809
sudo Privilege escalation
Affected sudo versions: 1.8.0 to 1.9.12p1
This script automates the exploitation of the CVE-2023-22809 vulnerability to gain a root shell.
The script checks whether the current user is allowed to run the `sudoedit` or `sudo -e` command on some file with root privileges. If so, it opens the sudoers file for the attacker to introduce the privilege escalation policy for the current user and get a root shell.
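
A defender-side audit for the two conditions the script tests, the affected version range and a `sudoedit` grant under any run-as specification. This is an added example, not code from the repository; the function names and the sample `sudo -l` output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original repository): audit helpers for CVE-2023-22809.

# Turn a sudo version such as "1.9.12p1" into a sortable integer (1009012001).
# Returns 1 and prints nothing if the string is not in the N.N.N[pN] form.
sudo_version_key() {
    printf '%s\n' "$1" | awk -F'[.p]' '
        /^[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?$/ {
            printf "%d%03d%03d%03d\n", $1, $2, $3, ($4 == "" ? 0 : $4); ok = 1
        }
        END { exit !ok }'
}

# Returns 0 if the version lies in the affected range stated on the page
# (1.8.0 to 1.9.12p1), 1 if it lies outside, 2 if it could not be parsed.
sudo_version_affected() {
    key=$(sudo_version_key "$1") || return 2
    lo=$(sudo_version_key 1.8.0)
    hi=$(sudo_version_key 1.9.12p1)
    [ "$key" -ge "$lo" ] && [ "$key" -le "$hi" ]
}

# Reads `sudo -l` output on stdin and prints every rule that grants sudoedit.
# The run-as part is deliberately not restricted: (root), (ALL) and
# (ALL : ALL) all count, and tags such as NOPASSWD: are skipped over.
sudoedit_grants() {
    grep -E '^[[:space:]]*\([^)]*\)[[:space:]]+([A-Z_]+:[[:space:]]*)*sudoedit([[:space:]]|$)'
}

# Constructed sample of `sudo -l` output (user, host and paths are made up).
SAMPLE_SUDO_L='User alice may run the following commands on host1:
    (root) sudoedit /etc/motd
    (ALL) NOPASSWD: sudoedit /etc/hosts
    (ALL : ALL) sudoedit /etc/issue
    (root) /usr/bin/less /var/log/syslog'
```

On a real host, the version string is the third field of the first line of `sudo -V`, and the rules come from `sudo -l` for the account being reviewed.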