If you are a Unix user this article is for you!

Yesterday, a researcher named Joe Vennix from Apple Information Security found a critical flaw in the sudo utility on Unix operating systems. The vulnerability allows users to bypass a restriction written in the sudoers file and execute any command as root.

Vennix said that all sudo versions prior to 1.8.28 are affected.

Simple Demo:

In the first step, we created a new simple user called esisa1. You can do it with the command <adduser "name_of_your_user">

Let's say that we have the sudo password but with some restrictions, which means that we will not be able to execute some special tasks.

In the second step, let's open a file called "sudoers.tmp" with the command <sudo visudo>

This is what the file looks like:

After opening the file, go to the "# User privilege specification" section and add a new line, as shown in the picture: <esisa1 ALL=(ALL, !root) ALL>. This rule is meant to let esisa1 run commands as any user except root.

Now you have done 90% of the work. One step remains to exploit all this and execute any command you want as root despite the restrictions. It can be done like this:

Choose the command you want to execute and run it with a negative UID. I chose to run the bash shell with the command <sudo -u#-1 /bin/bash>, and bingo, it's executed as root!
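To check whether a host is exposed to the demo above, this added example (not from the original article or the sudo project) flags `sudo -V` output older than 1.8.28 and sudoers rules of the `(ALL, !root)` form. The function names and the sample sudoers text are constructed for illustration.

```python
import re

FIXED = (1, 8, 28)  # versions before this are affected, per the article

# Constructed sample sudoers content (not taken from a real host).
SAMPLE_SUDOERS = """\
# User privilege specification
root    ALL=(ALL:ALL) ALL
esisa1  ALL=(ALL, !root) ALL
backup  ALL=(operator) /usr/bin/rsync  # nightly job
dev     ALL=(ALL,!#0 : adm) /bin/ls
"""

def is_affected_version(sudo_v_output):
    """True if `sudo -V` output reports a version older than 1.8.28."""
    m = re.search(r"version\s+(\d+)\.(\d+)\.(\d+)", sudo_v_output)
    if not m:
        raise ValueError("no sudo version found in input")
    return tuple(map(int, m.groups())) < FIXED

def find_risky_entries(sudoers_text):
    """Return rules whose Runas user list is ALL with root excluded."""
    risky = []
    text = sudoers_text.replace("\\\n", " ")  # join continuation lines
    for line in text.splitlines():
        # Drop comments but keep "#<digits>", which is a numeric UID in sudoers.
        rule = re.sub(r"#(?!\d).*", "", line).strip()
        for runas in re.findall(r"\(([^)]*)\)", rule):
            # The Runas spec is "users : groups"; only the user list matters here.
            users = [u.strip() for u in runas.split(":")[0].split(",")]
            excludes_root = any(
                u.replace(" ", "") in ("!root", "!#0") for u in users
            )
            if "ALL" in users and excludes_root:
                risky.append(rule)
                break
    return risky

if __name__ == "__main__":
    print("affected version:", is_affected_version("Sudo version 1.8.27"))
    for rule in find_risky_entries(SAMPLE_SUDOERS):
        print("review this rule:", rule)
```

On a real system, feed it the output of `sudo -V` and the contents of /etc/sudoers, read with root privileges.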

Link to go deeper into the bug: https://seclists.org/oss-sec/2019/q4/18

Don’t forget to update your systems ❤.


The best puzzles are not meant to be solved{fahdabida.com}

Eddie Mora
