Skip to content
/ CVE-2018-1000001 Public

glibc getcwd() local privilege escalation compiled binaries

32 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0x00-0x00/CVE-2018-1000001

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
img
img
 
 
43775.c
43775.c
 
 
README.md
README.md
 
 
exploit-debian
exploit-debian
 
 
exploit-ubuntu
exploit-ubuntu
 
 
vulncheck.sh
vulncheck.sh
 
 

Repository files navigation

glibc - 'getcwd()' Local Privilege Escalation

Attention: All rights to the exploit writer. I have just compiled and organized a repository for this CVE.

CVE: 2018-1000001 Alias: RationalLove

  • exploit-debian - Exploit compiled in debian x64
  • exploit-ubuntu - Exploit compiled in ubuntu x64

Am I vulnerable?

To discover if the machine is vulnerable:

dpkg --list | grep -i libc6

If your libc6 package is:

  • 2.24-11+deb9u1 for Debian Stretch
  • 2.23-0ubuntu9 for Ubuntu Xenial Xerus

Then you're probably vulnerable.

If you are lazy, I developed a shell script to check if your machine is vulnerable.

It is in this repository, and it is named vulncheck.sh. You can use it to determine if the public exploit will work or not based on the libc6 package.

Exploitation

Simply drop the binary into the vulnerable system and execute it to get root. Exploit

Remediation

It is recommended immediate patch of libc package using apt-get update -y && apt-get upgrade -y

About

glibc getcwd() local privilege escalation compiled binaries

Topics

cve glibc works 2018 privesc getcwd

Resources

Readme
Activity

Stars

32 stars

Watchers

3 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages