Baron Samedit (Spawn Agent)

Identify the sudo binary version on the local system, compare it against the last known vulnerable version of Sudo for CVE-2021-3156, then spawn an elevated Pneuma agent.

TTPs

Identify sudo binary version
Compare software versions for exploitation
Spawn elevated Pneuma via CVE-2021-3156

User-Set Custom Variables

  • exploitable.version: 1.9.5p1