Pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

InfluxDB - Power Real-Time Data Analytics at Scale

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

www.influxdata.com

featured

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

featured

CVE-2021-4034

1 24 0.0 C

CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept (by mebeim)
pwnkit-exploit

1 32 0.0 C

CVE-2021-4034 POC exploit

Worth noting that this and the other exploit that was posted on twitter last night do not work (at least) on Fedora 34, and some versions of OpenSUSE. Generally they will not work on versions of polkit which disable GVFS. My POC [0] handles this by just setting the relevant env variable explicitly.
[0] https://github.com/PeterGottesman/pwnkit-exploit

InfluxDB

www.influxdata.com featured

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Universal local privilege escalation exploit for CVE-2024-1086

1 project | news.ycombinator.com | 11 Apr 2024
Beeper Mini Is Back

4 projects | news.ycombinator.com | 11 Dec 2023
Does anyone know where the source code for Beeper Cloud's iMessage bridge is?

1 project | /r/beeper | 10 Dec 2023
Apple cuts off Beeper Mini's access after launch of service that brought iMessage to Android | TechCrunch

1 project | /r/gadgets | 9 Dec 2023
Apple cuts off Beeper Mini's access

3 projects | news.ycombinator.com | 8 Dec 2023

Pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
cve-2021-4034 lpe proof-of-concept polkit pkexec
Post date: 26 Jan 2022

CVE-2021-4034

pwnkit-exploit

InfluxDB

Related posts

Universal local privilege escalation exploit for CVE-2024-1086

Beeper Mini Is Back

Does anyone know where the source code for Beeper Cloud's iMessage bridge is?

Apple cuts off Beeper Mini's access after launch of service that brought iMessage to Android | TechCrunch

Apple cuts off Beeper Mini's access

Pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com cve-2021-4034 lpe proof-of-concept polkit pkexec Post date: 26 Jan 2022

CVE-2021-4034

pwnkit-exploit

InfluxDB

Related posts

Universal local privilege escalation exploit for CVE-2024-1086

Beeper Mini Is Back

Does anyone know where the source code for Beeper Cloud's iMessage bridge is?

Apple cuts off Beeper Mini's access after launch of service that brought iMessage to Android | TechCrunch

Apple cuts off Beeper Mini's access

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
cve-2021-4034 lpe proof-of-concept polkit pkexec
Post date: 26 Jan 2022