mirror of https://github.com/badsectorlabs/copyfail-go.git synced 2026-05-16 06:30:10 +00:00

A Go implementation of copyfail (CVE-2026-31431)

Find a file

Ali 58fc30304d feat: add aarch64 payload and resolve su via PATH - Adds an aarch64 ELF shellcode payload alongside the existing amd64 one, selected at runtime via runtime.GOARCH. The arm64 ELF is a hand-built 172-byte binary performing the same setuid(0) / execve("/bin/sh") / exit(0) sequence (syscalls 146, 221, 93). Disassembly for both payloads is documented inline. - Replaces the hardcoded /usr/bin/su path with resolveSu(): tries /usr/bin/su first, then falls back to exec.LookPath("su") so the PoC works on systems where su lives elsewhere (e.g. /bin/su on Debian derivatives, or anywhere a non-standard PATH points).		2026-04-30 14:04:08 +12:00
.github/workflows	feat: ✨ initial commit	2026-04-29 18:53:12 -04:00
.gitignore	feat: ✨ initial commit	2026-04-29 18:53:12 -04:00
.goreleaser.yaml	feat: ✨ initial commit	2026-04-29 18:53:12 -04:00
go.mod	feat: ✨ initial commit	2026-04-29 18:53:12 -04:00
go.sum	feat: ✨ initial commit	2026-04-29 18:53:12 -04:00
LICENSE	feat: ✨ initial commit	2026-04-29 18:53:12 -04:00
main.go	feat: add aarch64 payload and resolve su via PATH	2026-04-30 14:04:08 +12:00
README.md	feat: ✨ initial commit	2026-04-29 18:53:12 -04:00

README.md

CopyFail Go

Most Linux LPEs need a race window or a kernel-specific offset.Copy Fail is a straight-line logic flaw — it needs neither.The same ~~732-byte Python script~~ static Go binary roots every Linux distribution shipped since 2017.

A Go implementation of CVE-2026-31431. In case you need a static binary and no Python dependency.

See copy.fail for more info.