I am trying to execute the sudo buffer overflow (CVE-2021-3156) on one of my systems, but haven't got it working yet. The system is definitely vulnerable (taking into account sudo version and "sudoedit -A -s \" output (malloc error). I created a VM with the same Linux version (but no other files) and it worked there. I suppose I need to edit the timing parameter - but I don't know what the value should be. it is 0.01s by default, and it only says it should be increased or decreased depending on the Filesystem. I used a python script to vary from 0.001 to 0.02 in 0.001 steps - no success. How do I find the correct value?
http://dlvr.it/S19RZK
G:7-Security (Cyber Security Research and Global Information Security Services)
No comments:
Post a Comment