An exploit for CVE-2021-4034 aka Pwnkit: Local Privilege Escalation in polkit's pkexec

Overview

CVE-2021-4034 Exploit

Usage

$ git clone https://github.com/whokilleddb/CVE-2021-4034
$ cd CVE-2021-4034
$ make
[!] CVE-2021-4034 Exploit By whokilleddb
[!] Initializing Setup
[+] Setup Done :D
[!] Setting Root Privileges
[!] Launching Root Shell
# /bin/whoami
root

Rough Patch

# chmod 0755 `which pkexec`

Note: You can configure the options by playing around with include/config.h

Owner
whokilleddb
The funny lines I call code.
whokilleddb
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

PwnKit Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation Usage Should work out of the box on Linux distributions based on U

Oliver Lyak 503 May 11, 2022
This repository contains an exploit of CVE-2021-4034, a local privilege escalation in pkexec

pwnkit (CVE-2021-4034) Privilege Escalation exploit sample This repository contains an exploit of CVE-2021-4034, a local privilege escalation in pkexe

Peter Gottesman 24 Apr 21, 2022
CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept

CVE-2021-4034 Proof of Concept Qualys researches found a pretty cool local privilege escalation vulnerability in Polkit's pkexec: writeup, tweet. This

Marco Bonelli 19 Mar 15, 2022
CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation

CVE-2021-4034 CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation 根据CVE-2021-4034进行了加强,执行Exploit将会默认添加用户名rooter,密码[email protected],并且rooter用户将具

倾旋 81 May 3, 2022
CVE-2021-4034 One day for the polkit privilege escalation exploit

CVE-2021-4034 One day for the polkit privilege escalation exploit Just execute make, ./cve-2021-4034 and enjoy your root shell. The original advisory

Davide Berardi 1.5k May 8, 2022
Local Privilege Escalation Edition for CVE-2021-1675

Local Privilege Escalation Edition of CVE-2021-1675/CVE-2021-34527 Local Privilege Escalation implementation of the CVE-2021-1675/CVE-2021-34527 (a.k.

Halil Dalabasmaz 331 May 1, 2022
CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day

WindowsMDM-LPE-0Day Works best on Windows 11 CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still

Exploit Blizzard 24 May 1, 2022
Plex media server local privilige escalation poc - CVE-2021-42835

Local Privilege PlEXcalasion - CVE-2021-42835 Plex Media Server for Windows prior to version 1.25.0.5282, vulnerable to Time Of Check Time Of Use (TOC

null 5 Dec 22, 2021
Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)

CallbackHell Exploit for CVE-2021-40449 (Win32k - LPE) CallbackHell Description Technical Writeup PoC References Description CVE-2021-40449 is a use-a

Oliver Lyak 400 May 6, 2022
Exploit for the pwnkit vulnerability from the Qualys team

CVE-2021-4034 Exploit for the pwnkit vulnerability from the Qualys team. This exploit assumes that gcc is present on the target machine. $ id uid=1001

Terry Chia 96 May 13, 2022
PoC (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)

CallbackHell DoS PoC for CVE-2021-40449 (Win32k - LPE) CallbackHell Description Technical Writeup PoC References Description CVE-2021-40449 is a use-a

Oliver Lyak 400 May 6, 2022
CVE-2021-4034 POC and Docker and Analysis write up

CVE-2021-4034 POC and Docker and Analysis write up

breeze 9 Mar 1, 2022
Proof of Concept (PoC) CVE-2021-4034

PwnKit-Exploit CVE-2021-4034 @c0br40x help to make this section in README!! Proof of Concept [email protected]:~/PwnKit-Exploit$ make cc -Wall exploit.

Luis Javier 47 Apr 18, 2022
PoC for cve-2021-4034

cve-2021-4034 PoC for cve-2021-4034 Based on the PoC by https://haxx.in: https://haxx.in/files/blasty-vs-pkexec.c. Probably he's https://github.com/bl

Michael Schmid 2 Feb 2, 2022
Pre-compiled builds for CVE-2021-4034

CVE-2021-4034 Precompiled builds for CVE-2021-4034. Of course you shouldn't trust precompiled builds :) This release works slightly different: first a

null 8 Apr 1, 2022
Bring your own print driver privilege escalation tool

Concealed Position Concealed Position is a local privilege escalation attack against Windows using the concept of "Bring Your Own Vulnerability". Spec

Jacob Baines 206 May 5, 2022
SystemGap - Maintenance Tools after privilege escalation

SystemGap 适用于解决不稳定Windows漏洞提权成功后进行权限驻守的办法 SystemGap - 监听者 SystemGap 负责监听一个任意用户可读写的匿名管道,从管道中读取命令进行执行 SystemGapClient - 发送者 SystemGapClient 负责向匿名管道中传入指令

倾旋 34 Apr 25, 2022
Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.

RemotePotato0 Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin. RemotePotato0 is an exploit that allows you to escalate

null 1.1k May 11, 2022