## https://sploitus.com/exploit?id=B815CF61-2540-5E4D-AAB8-F3976D79DF34
> **Security Notice**: This repository contains working exploit code
> for educational and research purposes. Use responsibly and only on
> systems you own or have explicit permission to test.
# CVE-2023-4911-PoC-Optimized
Optimized, multi-threaded exploit for CVE-2023-4911 (Looney Tunables).
## Implementation details
- **Monolithic design:** Integrates libc patching and environment preparation directly into the C binary. Eliminates external Python scripts used in other implementations.
- **Multi-threaded brute-forcing:** Uses all available CPU cores via `fork()` (parallel worker processes rather than threads) to maximize exploitation attempts per second.
- **Dynamic calibration:** Measures baseline execution time on startup (20 runs) to automatically adjust delays, replacing hardcoded delays with adaptive timing based on actual system performance.
- **Fail-fast check:** Performs a silent crash test before the main loop to abort immediately on patched systems.
- **Custom ELF parser:** Parses the target libc at runtime to locate patch offsets dynamically, avoiding hardcoded addresses.
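
For defenders: the `fork()`-based brute-force loop and the crash test described above fail by crashing in the dynamic loader, where the vulnerable `GLIBC_TUNABLES` parsing runs, so a burst of loader segfaults for one program name across many PIDs is a useful signal. The following detector is an added example, not part of this repository; it assumes the x86 kernel `segfault at ... in <object>[...]` message format as seen in `dmesg`, and the program name `suid-helper` and all sample lines are constructed.

```python
import re
from collections import defaultdict, deque

# x86 kernel line: "[ts] comm[pid]: segfault at ADDR ip ... error N in OBJECT[base+size]"
SEGV = re.compile(r"^\[\s*(?P<ts>\d+\.\d+)\]\s+(?P<comm>\S+)\[\d+\]: "
                  r"segfault at .* in (?P<obj>[^\[\s]+)\[")

def is_loader(obj):
    """True for dynamic-loader objects such as ld-linux-x86-64.so.2 or ld-2.31.so."""
    return obj.startswith("ld-") and ".so" in obj

def find_bursts(lines, threshold=8, window=10.0):
    """Map program name -> peak number of loader crashes seen inside `window` seconds,
    for programs that reach `threshold`. The kernel rate-limits these messages,
    so the counts are lower bounds and the default threshold is deliberately low."""
    recent = defaultdict(deque)
    peaks = {}
    for line in lines:
        m = SEGV.match(line)
        if not m or not is_loader(m["obj"]):
            continue
        ts, comm = float(m["ts"]), m["comm"]
        q = recent[comm]
        q.append(ts)
        while ts - q[0] > window:      # drop crashes that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            peaks[comm] = max(peaks.get(comm, 0), len(q))
    return peaks

def _crash(ts, comm, pid, obj):
    # Constructed sample line in the kernel's format; addresses are made up.
    return (f"[{ts:12.6f}] {comm}[{pid}]: segfault at 7ffc00001000 ip 00007f0000012345 "
            f"sp 00007ffc00000f00 error 6 in {obj}[7f0000000000+2a000]")

# Constructed sample: ten rapid loader crashes of a placeholder setuid program
# ("suid-helper", hypothetical), each from a different PID, plus unrelated noise.
SAMPLE = [_crash(100 + i * 0.05, "suid-helper", 4000 + i, "ld-linux-x86-64.so.2")
          for i in range(10)]
SAMPLE += [_crash(101.0, "editor", 5000, "ld-linux-x86-64.so.2"),   # single crash
           _crash(101.5, "worker", 5001, "libfoo.so.1")]            # not the loader

if __name__ == "__main__":
    for comm, peak in find_bursts(SAMPLE).items():
        print(f"ALERT {comm}: {peak} dynamic-loader segfaults within 10s")
```

Core dump suppression does not remove these kernel log lines, since they are written independently of the core dump limit.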
## Build
```sh
gcc -o exploit main.c
```
## Usage
```sh
./exploit
```
## References
- **NVD**: [CVE-2023-4911](https://nvd.nist.gov/vuln/detail/CVE-2023-4911)
## Credits
Base exploit structure, environment layout, and libc patching logic:
- **Xion (KAIST Hacking Lab)**: Original PoC ([leesh3288/CVE-2023-4911](https://github.com/leesh3288/CVE-2023-4911))
- **Beatriz Fresno Naumova**: Refined C implementation ([EDB-ID: 52479](https://www.exploit-db.com/exploits/52479))
This implementation is based on the above works, with the following additions:
- Multi-threaded brute-forcing using all CPU cores
- Dynamic calibration based on system performance
- Improved ELF parser (mmap-based, uses .dynsym)
- Fail-fast vulnerability check
- Custom shellcode (setreuid/setresuid)
- Real-time statistics tracking
- Core dump suppression
**Author of optimizations:** Anastasia Shebalkina