Share
## https://sploitus.com/exploit?id=C09EC48D-DD89-51E7-8B3E-6818338B7061
# CVE-2026-31431
CVE-2026-31431检测和测试


0x01 Quick Start

Some target environments do not have Python installed, so this privilege
escalation logic was rewritten in C.

1. Compile

Run the following command on your Linux machine or WSL (using -static is
recommended to avoid GLIBC version issues):

    gcc -static exploit.c -o exploit

2. Deploy and Execute

Upload the generated binary to the target machine:

    chmod +x exploit
    ./exploit

If the exploit succeeds, the program will automatically execute su and
spawn a root shell directly without requiring a password.

If you use python-ex.py version in some OS ,maybe you will met `AttributeError: module 'os' has no attribute 'splice' ` error. so you can change to C lang version. 


if you only check not exploit,you can run this command 

    python3 -c 'import socket; s=socket.socket(38,5,0); (s.bind(("aead", "authencesn(hmac(sha256),cbc(aes))")) or print("未缓解")) if s else None' 2>/dev/null || echo "已缓解"