c06fd4aa80
* Add "PwnKit Vulnerability" - LPE The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution. * Add Credits to README.MD * pwnkit: Move to shorter directory name * pwnkit: Add compiled version * pwnkit: Copy built binaries instead of compiling * make it executable * add credits Co-authored-by: Marc <foxtrot@malloc.me>
PwnKit Vulnerability - Local Privilege Escalation - Compiled
- Title: PwnKit Vulnerability - Local Privilege Escalation
- Author: TW-D
- Version: 1.0
- Target: Linux
- Category: Execution
- Credits: Qualys Research Team
Description
This is a version of the PwnKit Vulnerability Local Privilege Escalation containing pre-compiled binaries for x86_64 Linux. If you don't want to use the pre-compiled binaries or you are targetting a different architecture, please find the PwnKit-LPE directory.
The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by exploiting this vulnerability in its default configuration.
PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)
Configuration
From "payload.txt" change the values of the following constant :
######## INITIALIZATION ########
readonly BB_LABEL="BashBunny"