## https://sploitus.com/exploit?id=4C45914B-E23C-51F5-AC39-A11AF3084185
# CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

## Root Exploit (No BruteForce)

All research credit: **Qualys Research Team**
Check out the details on their [blog](https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit).

For testing purposes, Ubuntu 20.04 LTS and Sudo version 1.8.31 were manually installed in a Docker container, and the command `sudoedit -s 'AAAAAAAAAAAAAAAAAAAA\'` was run.

## PoC

![poc1](src/poc1.png)

![poc2](src/poc2.gif)