Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc

A script to automate privilege escalation with CVE-2023-22809 vulnerability
https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc

cve cve-2023-22809 exploit privesc script sudo sudoedit vulnerability

Last synced: about 2 months ago
JSON representation

A script to automate privilege escalation with CVE-2023-22809 vulnerability

Host: GitHub
URL: https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc
Owner: n3m1sys
Created: 2023-01-21T15:19:23.000Z (almost 2 years ago)
Default Branch: main
Last Pushed: 2023-02-15T18:10:53.000Z (almost 2 years ago)
Last Synced: 2024-07-30T14:19:07.581Z (4 months ago)
Topics: cve, cve-2023-22809, exploit, privesc, script, sudo, sudoedit, vulnerability
Language: Shell
Homepage:
Size: 5.86 KB
Stars: 142
Watchers: 3
Forks: 35
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - n3m1dotsys/CVE-2023-22809-sudoedit-privesc - A script to automate privilege escalation with CVE-2023-22809 vulnerability (Shell)

README

# CVE-2023-22809

## sudo Privilege escalation

Affected sudo versions: 1.8.0 to 1.9.12p1

This script automates the exploitation of the CVE-2023-22809 vulnerability to
gain a root shell.

The script checks if the current user has access to run the `sudoedit` or
`sudo -e` command for some file with root privileges. If it does it opens the
sudoers file for the attacker to introduce the privilege escalation policy
for the current user and get a root shell.