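CVE-2021-3560 PoC — polkit code issue vulnerability

Source
Related vulnerabilities
Title: polkit code issue vulnerability (CVE-2021-3560)
Description: polkit is a component that controls system-wide privileges on Unix-like operating systems. By defining and auditing permission rules, it enables communication between processes of different privilege levels. polkit contains a code issue vulnerability: when the requesting process disconnects from dbus-daemon before polkit_system_bus_name_get_creds_sync is called, the process cannot obtain the unique uid and pid of the process and cannot verify the privileges of the requesting process.
Description
This is an exercise built around CVE-2021-3560
Introduction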
# 🛡️ CVE-2021-3560 Privilege Escalation Exercise

<p align="center">
  <img width="411" alt="ss-icon" src="https://github.com/user-attachments/assets/f61d1fbc-abae-4fc9-ac7a-ee9d2be20a9b" />
</p>

---

## 📚 Overview

This repository contains materials for a hands-on cybersecurity exercise centered on **CVE-2021-3560**, a privilege escalation vulnerability in **polkit**.  
Discovered by GitHub Security Lab in 2021, this flaw allowed unprivileged Linux users to gain root access by exploiting a **race condition** in user credential handling.  
The vulnerability affected multiple Linux distributions and was patched in mid-2021.
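
The credential-handling flaw described above, reduced to a toy model as an added example (not polkit source and not part of this repository). `ToyBus`, `authorize_fail_open`, `authorize_fail_closed` and `outcome` are hypothetical names, and the model assumes the flawed path treats a failed credential lookup as the default uid 0.

```python
class PeerGone(Exception):
    """The bus name no longer maps to a connected process."""


class ToyBus:
    """Hypothetical stand-in for a message bus that tracks caller credentials."""

    def __init__(self):
        self._peers = {}  # unique bus name -> (uid, pid)

    def connect(self, name, uid, pid):
        self._peers[name] = (uid, pid)

    def disconnect(self, name):
        self._peers.pop(name, None)

    def get_creds(self, name):
        if name not in self._peers:
            raise PeerGone(name)
        return self._peers[name]


def authorize_fail_open(bus, sender):
    """Flawed pattern: a failed lookup leaves uid at its default of 0 (root)."""
    uid = 0
    try:
        uid, _pid = bus.get_creds(sender)
    except PeerGone:
        pass  # error swallowed, check continues with uid == 0
    return uid == 0


def authorize_fail_closed(bus, sender):
    """Hardened pattern: no credentials means no authorization."""
    try:
        uid, _pid = bus.get_creds(sender)
    except PeerGone:
        return False
    return uid == 0


def outcome(check, uid, disconnect_first):
    """Run one constructed request and return the authorization decision."""
    bus = ToyBus()
    bus.connect(":1.42", uid=uid, pid=4321)  # constructed sample caller
    if disconnect_first:
        bus.disconnect(":1.42")  # caller is gone before the lookup
    return check(bus, ":1.42")
```

The two checks agree for every caller that stays connected; they differ only when the lookup fails, which is why the hardened form denies on error instead of continuing with a default identity.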

---

## 🎮 Scenario: *"Sidewinder Swifty's Silent Escalation"*

You are **Sidewinder Swifty** — a sly cyber-infiltrator known for slipping past digital defenses. You've gained low-level access to a target Ubuntu 20.04 machine. Your mission:

- Exploit CVE-2021-3560  
- Escalate privileges to root  
- Maintain access and **leave no trace**

> ⚠️ Precision and timing are key. Success depends on your ability to emulate real-world attacker tradecraft.

---

## 🧠 Learning Objectives

This exercise will guide you through practical offensive security concepts, including:

- 🔼 **Privilege Escalation** – Gaining unauthorized administrative access  
- ⏱️ **Race Conditions** – Exploiting timing-based flaws  
- 📖 **CVE Exploitation** – Leveraging public vulnerabilities  
- 🧬 **Persistence** – Maintaining access after compromise  
- 👤 **User Obfuscation** – Masking your identity and actions  
- 🎭 **Privilege Masquerading** – Posing as a legitimate system user  
- 🔁 **File Transfer** – Using `scp` and `netcat`  
- 📦 **Compression** – Archiving with `tar`  
- 🔍 **Sensitive File Access** – Reading protected system files  
- 🧾 **Log Manipulation** – Editing logs to cover your tracks  
- 🕵️ **Anti-Forensics** – Evading forensic analysis  
- 🧨 **Threat Actor Simulation** – Reproducing attacker TTPs (Tactics, Techniques, Procedures)

---

## 🎯 Expected Outcomes

By completing this challenge, you will:

- Gain hands-on experience exploiting **privilege escalation vulnerabilities**  
- Understand the **importance of secure permissions and patch management**  
- Practice **realistic post-exploitation tactics**  
- Learn how attackers **maintain stealth and persistence**  
- See firsthand why **timely system updates** are critical for defense

---

## ⚠️ Disclaimer

> This project is intended for **educational and ethical research purposes only**.  
> **Do not** use these techniques on any system you do not own or have explicit permission to test. Unauthorized access is illegal and unethical.

[Watch the demo on YouTube](https://www.youtube.com/watch?v=xLK27EJkNv0)