Share
## https://sploitus.com/exploit?id=A66E46B6-2270-5BA1-B4C5-C218ED1DCA97
# CVE-2024-32019 Proof of Concept (Python)

A Python implementation of the Local Privilege Escalation (LPE) exploit for **Netdata** (CVE-2024-32019).

This script exploits a vulnerability in the `ndsudo` component where the `PATH` environment variable is not properly sanitized. This allows a local attacker to execute arbitrary commands as root by hijacking allowed binaries (such as `nvme-list`, `ip`, `gem`, etc. modify it as you need in the begining of the code).

## โš ๏ธ Disclaimer

**FOR EDUCATIONAL PURPOSES ONLY.**
This code is intended for security researchers, CTF players, and system administrators to test their own systems. The author takes no responsibility for any misuse of this code. Do not use this against systems you do not have permission to test.

## ๐Ÿš€ Features

- **Pure Python:** No external dependencies required (uses standard library).
- **Auto-Discovery:** Automatically locates the `ndsudo` binary in common installation paths (modify it if necessary)
- **Smart Brute-force:** Unlike the original script which might target a single command, this script iterates through a list of known allowed commands (including `nvme-list`, `ip`, `gem`, `node`, `npm`, etc.) to maximize success rate.
- **Auto-Cleanup:** Removes the malicious payload from the disk after execution.

## ๐Ÿ“‹ Prerequisites

- Access to the target machine as a low-privileged user.
- Python 3 installed on the target machine.
- A vulnerable version of Netdata installed.

## ๐Ÿ› ๏ธ Usage

1. **Clone the repository** (or copy `exploit.py` to the target machine):
   ```bash
   git clone https://github.com/julichaan/CVE-2024-32019-ndsudo-local-privilege-escalation-NetData.git
   cd CVE-2024-32019-Python
   python3 poc.py