CVE-2019-18634

This exploit leverages a buffer overflow in sudo's askpass feature (CVE-2019-18634) to achieve local privilege escalation. It uses a crafted payload to manipulate memory and execute arbitrary code as root via a SUID binary.

This exploit demonstrates a stack-based buffer overflow in Sudo versions prior to 1.8.26 when the pwfeedback option is enabled. The PoC triggers a segmentation fault by piping a large input to sudo, potentially allowing privilege escalation to root.

This repository contains a functional exploit for CVE-2019-18634, a buffer overflow in sudo's tgetpass.c when pwfeedback is enabled. The exploit leverages a pseudo-terminal to trigger the overflow, manipulate internal structures, and escalate privileges to root.

This repository contains a functional exploit for CVE-2019-18634, a buffer overflow vulnerability in sudo's pwfeedback feature. The exploit leverages a pseudo-terminal to trigger the overflow, overwrite critical structures, and escalate privileges to root by re-executing the exploit as the askpass program.

This repository contains a functional exploit for CVE-2019-18634, a heap buffer overflow in sudo <=1.8.30 when pwfeedback is enabled. The exploit leverages a crafted input to achieve local privilege escalation by manipulating memory structures and executing arbitrary code.

This repository contains a functional exploit for CVE-2019-18634, a buffer overflow vulnerability in sudo's pwfeedback feature. The exploit leverages a heap-based overflow to achieve local privilege escalation by manipulating memory structures and executing a reverse shell.

This repository contains a functional exploit for CVE-2019-18634, a privilege escalation vulnerability in sudo when pwfeedback is enabled. The exploit leverages a buffer overflow to manipulate user details and escalate privileges to root.

This repository contains a functional exploit for CVE-2019-18634, a buffer overflow vulnerability in Sudo. The exploit leverages a heap-based buffer overflow in the `sudo` command to achieve local privilege escalation by manipulating the `SUDO_ASKPASS` environment variable and executing a crafted payload.

This exploit leverages CVE-2019-18634, a sudo vulnerability where improper handling of pseudo-terminals and environment variables allows local privilege escalation. The PoC manipulates sudo's tgetpass function to execute a shell with root privileges by crafting a specific payload and environment setup.

This repository contains a functional exploit for CVE-2019-18634, a sudo vulnerability that allows local privilege escalation by manipulating the SUDO_ASKPASS environment variable and exploiting a buffer overflow in the pwfeedback feature. The exploit is tailored for Linux Mint 19.1 but may work on other distributions with adjustments.

This repository provides a detailed technical analysis of CVE-2019-18634, a heap buffer overflow in Sudo's pwfeedback function. It includes steps to verify the vulnerability, exploit it using a known PoC, and explains the root cause involving static heap buffer overflow leading to segmentation faults.

The repository contains only a README.md file with minimal content, lacking any functional exploit code or technical details about CVE-2019-18634. It appears to be a placeholder without substantive information.

This repository contains a functional exploit for CVE-2019-18634, a sudo vulnerability. The exploit leverages a buffer overflow in sudo's pwfeedback feature to achieve local privilege escalation by injecting a reverse shell payload.

This repository contains a functional exploit for CVE-2019-18634, a BSS-based buffer overflow in Sudo versions < 1.8.25 when pwfeedback is enabled. The exploit leverages a pseudo-terminal to trigger the vulnerability and achieve privilege escalation to root via a reverse shell.

This repository contains a functional exploit for CVE-2019-18634, a local privilege escalation vulnerability in sudo. The exploit leverages a buffer overflow in the sudo command's handling of the SUDO_ASKPASS environment variable to achieve root privileges.

This repository contains a functional exploit for CVE-2019-18634, a buffer overflow vulnerability in sudo's pwfeedback feature. The exploit leverages a pseudo-terminal to trigger the overflow, overwrite critical structures, and escalate privileges to root.

This repository contains a functional Python exploit for CVE-2019-18634, a sudo vulnerability affecting versions 1.8.25 and earlier. The exploit leverages a heap-based buffer overflow to achieve local privilege escalation by injecting a crafted payload via the SUDO_ASKPASS environment variable.

This repository contains a functional exploit for CVE-2019-18634, a buffer overflow vulnerability in sudo's pwfeedback feature. The exploit leverages a pseudo-terminal to trigger the overflow, overwrite critical structures, and escalate privileges to root by re-executing the exploit as the askpass program.