https://github.com/0x00-0x00/CVE-2018-1000001
glibc getcwd() local privilege escalation compiled binaries
https://github.com/0x00-0x00/CVE-2018-1000001
2018 cve getcwd glibc privesc works
Last synced: 15 days ago
JSON representation
glibc getcwd() local privilege escalation compiled binaries
- Host: GitHub
- URL: https://github.com/0x00-0x00/CVE-2018-1000001
- Owner: 0x00-0x00
- Created: 2018-02-07T17:34:24.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2018-02-09T22:35:06.000Z (about 7 years ago)
- Last Synced: 2025-04-07T01:43:28.787Z (30 days ago)
- Topics: 2018, cve, getcwd, glibc, privesc, works
- Language: C
- Size: 117 KB
- Stars: 32
- Watchers: 2
- Forks: 8
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- AwesomeCompiler - CVE-2018-1000001
README
# glibc - 'getcwd()' Local Privilege Escalation
Attention:
__All rights to the exploit writer. I have just compiled and organized a repository for this CVE.__
CVE: 2018-1000001
Alias: RationalLove
* exploit-debian - Exploit compiled in debian x64
* exploit-ubuntu - Exploit compiled in ubuntu x64
# Am I vulnerable?
To discover if the machine is vulnerable:
```bash
dpkg --list | grep -i libc6
```
If your libc6 package is:
* 2.24-11+deb9u1 for Debian Stretch
* 2.23-0ubuntu9 for Ubuntu Xenial Xerus
Then you're probably vulnerable.
If you are lazy, I developed a shell script to check if your machine is vulnerable.
It is in this repository, and it is named `vulncheck.sh`. You can use it to determine if the public exploit will work or not based on the libc6 package.
# Exploitation
Simply drop the binary into the vulnerable system and execute it to get root.
# Remediation
It is recommended immediate patch of libc package using `apt-get update -y && apt-get upgrade -y`