
How to reproduce the Sudo heap buffer overflow vulnerability CVE-2021-3156

2025-01-16 Update. From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

This article explains in detail how to reproduce the Sudo heap buffer overflow vulnerability CVE-2021-3156 and is shared here as a reference.

I. Vulnerability details

A heap-based buffer overflow was found in the way sudo parses command-line arguments. Any local user (normal and system users, sudoers and non-sudoers) can exploit this vulnerability without authentication, and the attacker does not need to know the user's password. Successful exploitation of this vulnerability could gain root privileges.

II. Affected versions

- sudo: 1.8.2 to 1.8.31p2

- sudo: 1.9.0 to 1.9.5p1

III. Setting up the vulnerable environment

Note: log in to the system as a non-root user and run the command sudoedit -s /

If the response is an error that starts with sudoedit:, the system is vulnerable.

If the response is an error that begins with usage:, the patch is in effect.

1. The Ubuntu version originally installed on my computer is 20.04, and its sudo version is 1.8.31, which is within the range affected by the vulnerability, but checking with the sudoedit -s / command showed no Sudo heap buffer overflow vulnerability.

Figure 1: Ubuntu 20.04 version information

2. The vulnerability is present after downloading and installing version 18.04 from https://releases.ubuntu.com/18.04.5/ubuntu-18.04.5-desktop-amd64.iso.

Figure 2: Ubuntu 18.04 version information
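
The check described in this section, as an added example (not part of the original article and not sudo's own code): a POSIX shell helper that combines the affected version ranges listed above with the first line of the sudoedit -s / response, since the version alone did not predict the result on the 20.04 machine. The function names and sample lines are constructed, and the parser assumes versions of the form MAJOR.MINOR.PATCH[pN].

```shell
#!/bin/sh
# Added example: triage for CVE-2021-3156 from the two signals on this page.

# Turn a version such as 1.8.31p2 into one comparable integer.
# Assumption: MAJOR.MINOR.PATCH[pN] only; anything else is rejected.
ver_key() {
    v=$1
    case $v in ''|*[!0-9.p]*) return 1 ;; esac
    case $v in *p*) p=${v##*p}; v=${v%p*} ;; *) p=0 ;; esac
    old_ifs=$IFS; IFS=.; set -- $v; IFS=$old_ifs
    echo $(( ${1:-0} * 1000000000 + ${2:-0} * 1000000 + ${3:-0} * 1000 + ${p:-0} ))
}

# Succeeds when the version lies in 1.8.2-1.8.31p2 or 1.9.0-1.9.5p1.
in_affected_range() {
    k=$(ver_key "$1") || return 2
    { [ "$k" -ge "$(ver_key 1.8.2)" ] && [ "$k" -le "$(ver_key 1.8.31p2)" ]; } ||
    { [ "$k" -ge "$(ver_key 1.9.0)" ] && [ "$k" -le "$(ver_key 1.9.5p1)" ]; }
}

# Classify the first line printed by: sudoedit -s /
classify_probe() {
    case $1 in
        sudoedit:*) echo vulnerable ;;   # error from sudoedit itself
        usage:*)    echo patched ;;      # argument rejected, fix in effect
        *)          echo unknown ;;
    esac
}

# $1 = version string, $2 = first line of probe output
triage() {
    if in_affected_range "$1"; then range=in-range; else range=out-of-range; fi
    echo "$range/$(classify_probe "$2")"
}

# Constructed samples (version, first probe line); not captured from a real host.
triage 1.8.21p2 'sudoedit: /: not a regular file'
triage 1.8.31   'usage: sudoedit [-AknS] [-C num] file ...'
triage 1.9.5p2  'usage: sudoedit [-AknS] [-C num] file ...'

# Live use as a non-root user (left commented so the samples run offline):
# triage "$(sudo -V | sed -n '1s/^Sudo version //p')" \
#        "$(sudoedit -s / 2>&1 | head -n 1)"
```

An in-range/patched result means the version string falls inside the affected ranges while the probe shows the fix is in effect, so the probe result is the one to act on.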

IV. Reproducing the vulnerability

1. Download the exploit from GitHub: https://codeload.github.com/blasty/CVE-2021-3156/zip/main, decompress the downloaded file and compile it with make. The make, make-guile and gcc components need to be installed before compilation, otherwise the compilation fails.

Figure 3: installing make

Figure 4: installing make-guile

Figure 5: installing gcc

2. Enter the directory of the extracted files, compile with the make command, and then run ./sudo-hax-me-a-sandwich; you will be prompted to select the corresponding system. Ubuntu 18.04 is used here, so add 0 after ./sudo-hax-me-a-sandwich to execute it, which finally obtains root privileges.

Figure 6: system versions supported by the exploit

Figure 7: obtaining root privileges

3. This vulnerability can be used for local privilege escalation. Interested readers can try building a vulhub vulnerable environment, obtaining a low-privilege account on it, and then escalating privileges locally.

V. Remediation

Download and upgrade the sudo package. Download address of the sudo package:

https://www.sudo.ws/dist/

That concludes this walkthrough of reproducing the Sudo heap buffer overflow vulnerability CVE-2021-3156. I hope the above content is of some help to you.
