EIP-2026-103022

PRE-CVE

Tower Toppler 0.96 - 'HOME Environment' Local Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103022. PoCs published by FBHowns.

AI-analyzed exploit summary This exploit leverages a buffer overflow in the HOME environment variable of Tower Toppler (Nebulous version 0.96) to achieve local privilege escalation (LPE) by executing shellcode that sets the GID to 20 (games). The shellcode combines a setregid(20,20) call with a standard /bin/sh spawn.

Description

Tower Toppler 0.96 - 'HOME Environment' Local Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by FBHowns · clocallinux

https://www.exploit-db.com/exploits/22884

View Code ZIP pw:eip

This exploit leverages a buffer overflow in the HOME environment variable of Tower Toppler (Nebulous version 0.96) to achieve local privilege escalation (LPE) by executing shellcode that sets the GID to 20 (games). The shellcode combines a setregid(20,20) call with a standard /bin/sh spawn.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Tower Toppler (Nebulous version 0.96)

No auth needed

Prerequisites: Local access to the system · Tower Toppler installed · Environment variable manipulation permissions

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026