Ashley Donaldson
|
fbc291bc22
|
Tested on various other Fedora's
|
2021-05-04 14:18:16 +10:00 |
|
Ashley Donaldson
|
0435e281d9
|
Updated CVE-2021-3156 documentation to reflect code changes.
|
2021-05-03 16:45:50 +10:00 |
|
Ashley Donaldson
|
b1d2c39c98
|
Added second CentOS 7 exploit
|
2021-04-30 18:30:19 +10:00 |
|
Ashley Donaldson
|
124d157a1c
|
Added CVE-2021-3156 exploits for CentOS 7 and 8
|
2021-04-30 17:25:59 +10:00 |
|
Ashley Donaldson
|
79152cafe6
|
Added support for Ubuntu 14.04.3 for CVE-2021-3156
|
2021-04-29 20:48:51 +10:00 |
|
Ashley Donaldson
|
0ee1d5fbe3
|
Ensure exploit is compatible with both python3 and python2
|
2021-04-29 18:52:56 +10:00 |
|
Ashley Donaldson
|
9d9d3ce061
|
Added Ubuntu 16.04-specific exploit script to CVE-2021-3156 module
The generic approach used for other targets doesn't work for 16.04, as that one relies on tcache bins, which are not present in glibc 2.23.
|
2021-04-29 18:28:13 +10:00 |
|
Ashley Donaldson
|
fcd17ed3b1
|
Port sudoedit exploit to Python
It's assumed that Python is more likely to be present on the target system
than gcc, so is better as a dependency.
|
2021-04-29 13:17:32 +10:00 |
|
Spencer McIntyre
|
b9dd1b927b
|
Randomize the path to the library that's loaded
|
2021-02-10 08:45:52 -05:00 |
|
Spencer McIntyre
|
117cdc4fd7
|
Populate module metadata and cleanup files
|
2021-02-03 18:16:13 -05:00 |
|
Spencer McIntyre
|
a00f165b6b
|
Clean the C code and fix the exploitation environment
|
2021-02-03 18:16:13 -05:00 |
|
Spencer McIntyre
|
b9413b4103
|
Update the exploit C code to allocate it's own PTY
|
2021-02-03 18:16:13 -05:00 |
|
Spencer McIntyre
|
13dd9ac10e
|
Initial work on CVE-2021-3156
|
2021-02-03 18:16:13 -05:00 |
|