Troubleshooting

Question

Github-By-G opened this issue 3 months ago · comments

I'm working on "CVE-2023-22098, CVE-2023-22099, CVE-2023-22100", in which I am testing this "CVE-2023-22098" repo and setting up the environment;

however, i'm unable to open the calculator after running "insmod exploit .ko"

Also i've tried :

change the char calc[] = "/home/a.sh/"; ( where this creates a simple a.txt file) - not working
Disable ASLR & apparmor - not working
used demsg - there's no error's demsg.txt

my env: ubuntu 22.04(host machine) >> Vbox 7.0.10v >>ubuntu 20.04(vm)

Andy Nguyen · Answer 1 · Fri Mar 15 2024 18:45:35 GMT+0800 (China Standard Time)

Do "rmmod virtio_net" before and it should work.

Ganapathi K · Answer 2 · Fri Mar 15 2024 20:33:16 GMT+0800 (China Standard Time)

Here the output: still not opening anything:
saying virtio_net is not loaded
even i tried to check with htop, see if it running in background

--
Also can you please specifiy the : versions setup of host and vm guest ; im thinking it might related to version issues

Andy Nguyen · Answer 3 · Fri Mar 15 2024 20:36:08 GMT+0800 (China Standard Time)

Are you using the virtio-net network adapter in VirtualBox?

Ganapathi K · Answer 4 · Fri Mar 15 2024 20:41:50 GMT+0800 (China Standard Time)

Nop, using NAT:

Andy Nguyen · Answer 5 · Fri Mar 15 2024 20:48:26 GMT+0800 (China Standard Time)

Then obviously it doesn't work. This vulnerability affects the virtio-net device.

Ganapathi K · Answer 6 · Fri Mar 15 2024 21:03:17 GMT+0800 (China Standard Time)

thank you mr.Andy i got it, it is working

and if possible mention this on git aswell

And can you please provide any info about other two vuln : CVE-2023-22099, CVE-2023-22100 ???
just wanted to know about them