It doesnt't work at debian buster

Question

It doesnt't work at debian buster

s3rgeym opened this issue 4 years ago · comments

sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$ make
gcc exploit.c -o exploit
exploit.c: In function ‘main’:
exploit.c:75:5: warning: implicit declaration of function ‘execve’ [-Wimplicit-function-declaration]
     execve(argv[0], argv, env);
     ^~~~~~
mkdir libnss_X
gcc -g -fPIC -shared sice.c -o libnss_X/X.so.2
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$ ./exploit
usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-T timeout] [-u user] file ...
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$ uname -a
Linux debian-buster.*** 4.19.0-14-amd64 #1 SMP Debian 4.19.171-2 (2021-01-30) x86_64 GNU/Linux
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$

Ben Schattinger · Answer 1 · Tue Apr 13 2021 09:04:03 GMT+0800 (China Standard Time)

That means you have a patched sudoedit.

rajvardhan agarwal · Answer 2 · Tue Apr 13 2021 10:11:51 GMT+0800 (China Standard Time)

Yep you are running a patched version of sudo