TUTORIAL FOR CVE 2021-3156
Root shell PoC for CVE-2021-3156
For educational purposes etc.
Tested on Ubuntu 20.04 against sudo 1.8.31
You can check your version of sudo is vulnerable with:
$ sudoedit -s Y
.
If it asks for your password it's most likely vulnerable, if it prints usage information it isn't. You can downgrade to the vulnerable version on Ubuntu 20.04 for testing purposes with
$ sudo apt install sudo=1.8.31-1ubuntu1
Usage
$ make
$ ./exploit