It doesnt't work at debian buster
s3rgeym opened this issue · comments
[object Object] commented
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$ make
gcc exploit.c -o exploit
exploit.c: In function ‘main’:
exploit.c:75:5: warning: implicit declaration of function ‘execve’ [-Wimplicit-function-declaration]
execve(argv[0], argv, env);
^~~~~~
mkdir libnss_X
gcc -g -fPIC -shared sice.c -o libnss_X/X.so.2
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$ ./exploit
usage: sudoedit [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p prompt] [-T timeout] [-u user] file ...
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$ uname -a
Linux debian-buster.*** 4.19.0-14-amd64 #1 SMP Debian 4.19.171-2 (2021-01-30) x86_64 GNU/Linux
sergey@debian-buster:/tmp/exploits/CVE-2021-3156_one_shot$
Ben Schattinger commented
That means you have a patched sudoedit
.
rajvardhan agarwal commented
Yep you are running a patched version of sudo