CVE-2010-3856

This Metasploit module exploits CVE-2010-3856, a privilege escalation vulnerability in glibc's dynamic linker by abusing the LD_AUDIT environment variable to load arbitrary shared objects with elevated privileges. It leverages libpcprofile.so to create a root-owned file in a trusted library path, which is then overwritten with a malicious shared object for code execution.

This Metasploit module exploits CVE-2010-3847, a privilege escalation vulnerability in glibc's dynamic linker. It abuses the LD_AUDIT environment variable to load arbitrary shared objects with elevated privileges, leveraging libpcprofile.so to achieve root access.

This exploit leverages CVE-2010-3856 to achieve local privilege escalation by abusing the LD_AUDIT environment variable and libpcprofile.so to create a world-writable root-owned file, which is then replaced with a malicious shared library to spawn a root shell.

This exploit leverages CVE-2010-3856 in the GNU C library dynamic linker, where LD_AUDIT can load arbitrary DSOs with initialization routines executed as root. The PoC demonstrates privilege escalation by abusing libpcprofile.so to create a world-writable cron job file, leading to a root shell.