Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exploit CVE-2022-0847 terminates with error #91

Open
drtha opened this issue Apr 10, 2022 · 1 comment
Open

Exploit CVE-2022-0847 terminates with error #91

drtha opened this issue Apr 10, 2022 · 1 comment

Comments

@drtha
Copy link

drtha commented Apr 10, 2022

Hi,

I am using the command: ./traitor --exploit kernel:CVE-2022-0847

It seem to work, but terminates with an error: [+][error] Exploit failed: invalid password (see below).

In /etc/passwd: traitor4242:x:1001:1001:CVE-2021-3560,,,:/home/traitor4242:/bin/bash
In /etc/shadow: traitor4242:!:19092:0:99999:7:::
In /etc/group: sudo:x:27:thomas,traitor4242

Is there a reason, why it terminates with an error ?
Thanks for help
Thomas

▀█▀ █▀█ ▄▀█ █ ▀█▀ █▀█ █▀█
░█░ █▀▄ █▀█ █ ░█░ █▄█ █▀▄ v0.0.0
https://github.com/liamg/traitor

[+] Assessing machine state...
[+] Checking for opportunities...
[+][kernel:CVE-2022-0847] Kernel version 5.13.0 is vulnerable!
[+][kernel:CVE-2022-0847] Opportunity found, trying to exploit it...
[+][kernel:CVE-2022-0847] Attempting to set root password...
[+][kernel:CVE-2022-0847] Opening '/etc/passwd' for read...
[+][kernel:CVE-2022-0847] Creating pipe...
[+][kernel:CVE-2022-0847] Determining pipe size...
[+][kernel:CVE-2022-0847] Pipe size is 65536.
[+][kernel:CVE-2022-0847] Filling pipe...
[+][kernel:CVE-2022-0847] Draining pipe...
[+][kernel:CVE-2022-0847] Pipe drained.
[+][kernel:CVE-2022-0847] Splicing data...
[+][kernel:CVE-2022-0847] Writing to dirty pipe...
[+][kernel:CVE-2022-0847] Write of '/etc/passwd' successful!
[+][kernel:CVE-2022-0847] Starting shell...
[+][kernel:CVE-2022-0847] Please exit the shell once you are finished to ensure the contents of /etc/passwd is restored.
[+][kernel:CVE-2022-0847] Setting up tty...
[+][kernel:CVE-2022-0847] Attempting authentication as root...
[+][kernel:CVE-2022-0847] Restoring contents of /etc/passwd...
[+][kernel:CVE-2022-0847] Opening '/etc/passwd' for read...
[+][kernel:CVE-2022-0847] Creating pipe...
[+][kernel:CVE-2022-0847] Determining pipe size...
[+][kernel:CVE-2022-0847] Pipe size is 65536.
[+][kernel:CVE-2022-0847] Filling pipe...
[+][kernel:CVE-2022-0847] Draining pipe...
[+][kernel:CVE-2022-0847] Pipe drained.
[+][kernel:CVE-2022-0847] Splicing data...
[+][kernel:CVE-2022-0847] Writing to dirty pipe...
[+][kernel:CVE-2022-0847] Write of '/etc/passwd' successful!
[+][error] Exploit failed: invalid password
[+] Continuing to look for opportunities
[+] Nothing found to exploit.
thomas@thomas-ThinkPad-E15:~/traitor$
@751897386
Copy link

Hi,
was the prob solved? I met the same error on target machine, wonder a remedy method.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@drtha @751897386