Comments (5)
worawit
commented on July 20, 2024
1
I expect at least 2 cores when writing an exploit but forgot adding it in requirement.
With only 1 CPU, it is almost impossible that an exploit preempt an sudo at the right time.
from cve-2021-3156.
worawit
commented on July 20, 2024
You were running an exploit from user that can sudo without password.
My exploit does not cover this case because you can become root without an exploit.
from cve-2021-3156.
MattyAgain
commented on July 20, 2024
@worawit My apologies, silly mistake of mine. Thank you for the quick reply. However, running the timestamp race on a user without sudo privileges now results in "out of dir name" after many attempts (full log attached if it matters).
from cve-2021-3156.
worawit
commented on July 20, 2024
From your log, a race is almost success ("Failed to create 2nd symbolic" message).
Do you assign only 1 CPU to VM?
If yes, try assign at least 2 CPUs to VM and run the exploit again.
Note: to rerun the exploit after "out of dir name", you have to remove tmp directories with "rf -rf /tmp/gogogo*" with root user
from cve-2021-3156.
MattyAgain
commented on July 20, 2024
Adding another core worked! Is it fair to say this exploit requires more than one CPU for success, or is it possible to make it work with only one?
from cve-2021-3156.
Related Issues (18)
- About Ubuntu 14.04 or 16.04 without tcache. HOT 1
- Exploit on Ubuntu Server 18.04.2 LTS Worked BUT.... HOT 2
- exploit is successful but the created account is blocked HOT 1
- Exploitation on CentOS 6.10 (Final) HOT 3
- invalid offset. exit code: 256 (Amazon Linux AMI release 2017.09 / libc 2.17 )
- Centos 8 can be used, but some configuration needs to be modified
- invalid offset. exit code: 256 (Cnetos 6.9 / libc 2.12 )
- 'AssertionError' feedback HOT 3
- TypeError: bytes or integer address expected instead of str instance HOT 2
- not allowed to raise maximum limit HOT 1
- user not in /etc/sudoers HOT 6
- Can you make Exploit code in 32bit? (no tcache) HOT 2
- Exploitation on Debian 7 HOT 1
- Exploitation on Debian 9.5 stretch HOT 4
- Centos7.9 cannot use HOT 2
- Exploitation on Debian 8 (jessie) HOT 2
- Cannot find cmnd size Ubuntu 16 / GLIB 2.23 HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cve-2021-3156.