exploitdb
WORKING POC
by Beatriz Fresno Naumova · text · local · linux
https://www.exploit-db.com/exploits/52479
This exploit leverages a buffer overflow in glibc's dynamic loader (CVE-2023-4911) to achieve local privilege escalation by corrupting internal loader state and loading a malicious shared object. It patches libc.so.6 with shellcode to spawn a root shell when /usr/bin/su is executed with a crafted environment.
Classification
Working Poc 95%
Target:
glibc 2.35 (specifically 2.35-0ubuntu3.3 on Ubuntu 22.04.3 LTS)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable glibc version · Ability to execute /usr/bin/su
nomisec
WORKING POC
389 stars
by leesh3288 · local
https://github.com/leesh3288/CVE-2023-4911
This repository contains a functional exploit for CVE-2023-4911 (Looney Tunables), leveraging a buffer overflow in glibc's dynamic loader via the GLIBC_TUNABLES environment variable. The exploit crafts malicious environment variables to achieve arbitrary code execution by overwriting critical structures in memory.
Classification
Working Poc 95%
Target:
glibc (2.35-0ubuntu3.3)
No auth needed
Prerequisites:
Ubuntu 22.04.3 with vulnerable glibc version · Ability to execute arbitrary binaries with crafted environment variables
nomisec
WORKING POC
171 stars
by RickdeJager · local
https://github.com/RickdeJager/CVE-2023-4911
This repository contains a functional proof-of-concept exploit for CVE-2023-4911, a local privilege escalation vulnerability in glibc's dynamic loader. The exploit leverages a buffer overflow in the processing of GLIBC_TUNABLES environment variables to achieve arbitrary code execution with elevated privileges.
Classification
Working Poc 95%
Target:
glibc (dynamic loader ld.so)
No auth needed
Prerequisites:
Access to a vulnerable system (e.g., Ubuntu 22.10) · Ability to compile and execute the exploit
nomisec
WORKING POC
42 stars
by chaudharyarjun · local
https://github.com/chaudharyarjun/LooneyPwner
This repository contains a functional exploit for CVE-2023-4911, targeting the 'Looney Tunables' buffer overflow vulnerability in glibc. The exploit modifies the glibc library to inject shellcode and escalate privileges to root.
Classification
Working Poc 95%
Target:
glibc versions >= 2.34
No auth needed
Prerequisites:
Vulnerable glibc version · Access to the target system
nomisec
WORKING POC
29 stars
by hadrian3689 · local
https://github.com/hadrian3689/looney-tunables-CVE-2023-4911
This repository contains a functional exploit for CVE-2023-4911 (Looney Tunables), leveraging a buffer overflow in glibc's dynamic loader via the GLIBC_TUNABLES environment variable. The exploit manipulates memory to achieve arbitrary code execution by injecting shellcode into a forged libc.so.6.
Classification
Working Poc 95%
Target:
glibc (versions affected by CVE-2023-4911)
No auth needed
Prerequisites:
Vulnerable glibc version · Ability to execute code on the target system
github
WORKING POC
20 stars
by flex0geek · c · poc
https://github.com/flex0geek/cves-exploits/tree/main/CVE-2023-4911
The repository contains a functional exploit for CVE-2023-4911, demonstrating a heap-based buffer overflow in sudo. The exploit leverages a crafted environment variable to achieve privilege escalation.
Classification
Working Poc 95%
Target:
sudo (specific version not specified)
No auth needed
Prerequisites:
Vulnerable sudo version · Ability to execute the exploit binary
nomisec
WORKING POC
17 stars
by ruycr4ft · local
https://github.com/ruycr4ft/CVE-2023-4911
This repository contains a functional exploit for CVE-2023-4911 (Looney Tunables), a Linux privilege escalation vulnerability in glibc. The exploit leverages a buffer overflow in the GLIBC_TUNABLES environment variable parsing to achieve arbitrary code execution with elevated privileges.
Classification
Working Poc 95%
Target:
glibc (versions 2.35-0ubuntu3.3 and below)
No auth needed
Prerequisites:
Vulnerable glibc version · Ability to execute code on the target system
nomisec
WRITEUP
15 stars
by KernelKrise · local
https://github.com/KernelKrise/CVE-2023-4911
This repository provides a detailed technical analysis of CVE-2023-4911, a local privilege escalation vulnerability in the GNU C Library's dynamic loader (ld.so) due to improper handling of the GLIBC_TUNABLES environment variable. The README includes a thorough breakdown of the vulnerability, affected code paths, and references to external resources for further study.
Classification
Writeup 95%
Target:
GNU C Library (glibc) ld.so
No auth needed
Prerequisites:
Access to a vulnerable system with glibc version affected by CVE-2023-4911
nomisec
WORKING POC
15 stars
by Green-Avocado · local
https://github.com/Green-Avocado/CVE-2023-4911
This repository contains a functional proof-of-concept exploit for CVE-2023-4911, a local privilege escalation vulnerability in glibc's dynamic loader. The exploit leverages the Looney Tunables vulnerability to achieve arbitrary code execution by manipulating environment variables and heap grooming techniques.
Classification
Working Poc 95%
Target:
glibc (2.35-0ubuntu3.1) on Ubuntu 22.04
No auth needed
Prerequisites:
Access to a vulnerable system with glibc 2.35-0ubuntu3.1 · Ability to execute the compiled binary
nomisec
WORKING POC
9 stars
by Diego-AltF4 · local
https://github.com/Diego-AltF4/CVE-2023-4911
This repository contains a functional exploit for CVE-2023-4911 (Looney Tunables), a local privilege escalation vulnerability in glibc's dynamic loader. The exploit manipulates environment variables to achieve arbitrary code execution with elevated privileges.
Classification
Working Poc 100%
Target:
glibc (2.35-0ubuntu3.1)
No auth needed
Prerequisites:
Access to a vulnerable system with glibc 2.35-0ubuntu3.1 · Ability to execute binaries on the target system
nomisec
WORKING POC
6 stars
by NishanthAnand21 · local
https://github.com/NishanthAnand21/CVE-2023-4911-PoC
This repository contains a functional exploit for CVE-2023-4911, a buffer overflow in the GNU C Library's dynamic loader (glibc) that allows local privilege escalation. The exploit leverages the GLIBC_TUNABLES environment variable to trigger the vulnerability and gain root access.
Classification
Working Poc 95%
Target:
GNU C Library (glibc) versions 2.34 and later
No auth needed
Prerequisites:
Vulnerable glibc version (2.34+) · Local access to the target system · ASLR enabled
nomisec
WORKING POC
2 stars
by puckiestyle · local
https://github.com/puckiestyle/CVE-2023-4911
This repository contains a functional proof-of-concept exploit for CVE-2023-4911 (Looney Tunables), a local privilege escalation vulnerability in glibc's ld.so. The exploit leverages a buffer overflow in the GLIBC_TUNABLES environment variable to achieve arbitrary code execution with root privileges.
Classification
Working Poc 95%
Target:
glibc ld.so (Ubuntu 22.10 confirmed)
No auth needed
Prerequisites:
Local access to a vulnerable system · Compilation of the exploit code
nomisec
WORKING POC
1 star
by teraGL · local
https://github.com/teraGL/looneyCVE
This repository contains a functional exploit for CVE-2023-4911 (Looney Tunables), a buffer overflow in glibc's dynamic loader. The exploit manipulates environment variables to trigger a buffer overflow, leading to arbitrary code execution via a forged libc.so.6 with embedded shellcode.
Classification
Working Poc 95%
Target:
glibc (versions affected by CVE-2023-4911)
No auth needed
Prerequisites:
Vulnerable glibc version · Ability to execute commands on the target system
nomisec
WORKING POC
1 star
by xiaoQ1z · local
https://github.com/xiaoQ1z/CVE-2023-4911
This repository contains a functional exploit for CVE-2023-4911, a local privilege escalation vulnerability in glibc's dynamic loader. The exploit leverages a buffer overflow in the GLIBC_TUNABLES environment variable parsing to achieve arbitrary code execution with elevated privileges.
Classification
Working Poc 95%
Target:
glibc (ld.so) on Linux systems
No auth needed
Prerequisites:
Local access to a vulnerable Linux system with glibc · Ability to execute binaries
nomisec
WORKING POC
by 0xMOGA · poc
https://github.com/0xMOGA/CVE-2023-4911-Lab
This repository provides a Docker-based environment for analyzing and exploiting CVE-2023-4911 (Looney Tunables), a buffer overflow in glibc's dynamic loader (ld.so) leading to local privilege escalation. It includes functional exploit code, test binaries, and detailed analysis tools.
Classification
Working Poc 95%
Target:
GNU C Library (glibc) 2.34-2.38
No auth needed
Prerequisites:
Docker · Linux or WSL2
nomisec
WORKING POC
by Aryan20057 · poc
https://github.com/Aryan20057/CVE-2023-4911
This repository contains a functional exploit for CVE-2023-4911, targeting a buffer overflow in the GNU C Library's dynamic loader. The exploit manipulates environment variables to trigger the vulnerability and achieve arbitrary code execution.
Classification
Working Poc 95%
Target:
GNU C Library (glibc) dynamic loader
No auth needed
Prerequisites:
Access to a vulnerable system with glibc dynamic loader · Ability to execute the exploit binary
gitlab
WORKING POC
by mdelaclaire · poc
https://gitlab.com/mdelaclaire/LooneyPwner
This repository contains a functional exploit for CVE-2023-4911, the 'Looney Tunables' glibc vulnerability, which allows local privilege escalation (LPE) to root. The exploit modifies the glibc library and leverages a buffer overflow in environment variable processing to execute arbitrary code with elevated privileges.
Classification
Working Poc 95%
Target:
glibc (versions >= 2.34)
No auth needed
Prerequisites:
Local access to a vulnerable system · glibc version >= 2.34 · Compilation tools (gcc) · Python 3 with pwntools
nomisec
WORKING POC
by KillReal01 · local
https://github.com/KillReal01/CVE-2023-4911
This repository contains a functional exploit for CVE-2023-4911 (Looney Tunables), a Linux privilege escalation vulnerability in glibc. The exploit leverages a buffer overflow in the GLIBC_TUNABLES environment variable parsing to achieve arbitrary code execution with elevated privileges.
Classification
Working Poc 95%
Target:
glibc (versions 2.35-0ubuntu3.3 and below)
No auth needed
Prerequisites:
Vulnerable glibc version · Ability to execute code on the target system
nomisec
WORKING POC
by Billar42 · local
https://github.com/Billar42/CVE-2023-4911
This repository contains a functional exploit for CVE-2023-4911, targeting the Looney Tunables vulnerability in glibc's dynamic loader. The exploit manipulates environment variables to achieve arbitrary code execution via buffer overflow in the dynamic linker.
Classification
Working Poc 95%
Target:
glibc dynamic loader (ld.so)
No auth needed
Prerequisites:
Vulnerable glibc version · SUID binary or similar execution context
nomisec
WORKING POC
by snurkeburk · local
https://github.com/snurkeburk/Looney-Tunables
This PoC exploits CVE-2023-4911 (Looney Tunables) by manipulating the GLIBC_TUNABLES environment variable to trigger a buffer overflow in the dynamic loader, leading to arbitrary code execution. The exploit uses carefully crafted environment variables and a fork bomb to maximize the chance of successful exploitation.
Classification
Working Poc 95%
Target:
GNU C Library (glibc) dynamic loader (ld.so)
No auth needed
Prerequisites:
Access to a vulnerable system with glibc version affected by CVE-2023-4911 · Ability to execute arbitrary binaries with a crafted environment
nomisec
WORKING POC
by guffre · local
https://github.com/guffre/CVE-2023-4911
This repository contains a functional Python-based exploit for CVE-2023-4911 (Looney Tunables), which leverages a buffer overflow in the glibc dynamic loader's GLIBC_TUNABLES environment variable parsing. The exploit crafts a malicious environment to achieve local privilege escalation by overwriting the DT_RPATH entry in the link_map structure.
Classification
Working Poc 95%
Target:
glibc (2.35-0ubuntu3.1 on Ubuntu 22.04.3)
No auth needed
Prerequisites:
Access to a vulnerable system with glibc 2.35-0ubuntu3.1 · Ability to execute the exploit locally
nomisec
WORKING POC
by silent6trinity · local
https://github.com/silent6trinity/looney-tuneables
This repository contains a functional exploit for CVE-2023-4911, leveraging a buffer overflow in the GLIBC_TUNABLES environment variable to achieve local privilege escalation (LPE). The exploit modifies the libc.so.6 file to inject shellcode and repeatedly forks processes to trigger the vulnerability.
Classification
Working Poc 95%
Target:
GNU C Library (glibc) versions affected by CVE-2023-4911
No auth needed
Prerequisites:
Access to a vulnerable system with glibc affected by CVE-2023-4911 · Ability to execute the exploit script
vulncheck_xdb
WORKING POC
local
https://github.com/b4k3d/POC_CVE4911
This repository contains a functional exploit for CVE-2023-4911 (Looney Tunables), targeting a buffer overflow in glibc's dynamic loader. The exploit manipulates the GLIBC_TUNABLES environment variable to achieve arbitrary code execution via a crafted libc.so.6.
Classification
Working Poc 95%
Target:
glibc (2.35-0ubuntu3.3)
No auth needed
Prerequisites:
Ubuntu 22.04.3 with vulnerable glibc version · Ability to execute the exploit binary
metasploit
WORKING POC
EXCELLENT
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/glibc_tunables_priv_esc.rb
This Metasploit module exploits CVE-2023-4911, a buffer overflow in the GNU C Library's dynamic loader (ld.so) via the GLIBC_TUNABLES environment variable, allowing local privilege escalation to root on vulnerable Ubuntu and Debian systems.
Classification
Working Poc 100%
Target:
GNU C Library (glibc) versions 2.31-2.38 on Ubuntu/Debian
No auth needed
Prerequisites:
Local access to a vulnerable system · Presence of SUID binaries · Specific glibc versions on Ubuntu/Debian