CVE-2021-3560 PoC — polkit code issue vulnerability

Source
Associated Vulnerability
Title: polkit code issue vulnerability (CVE-2021-3560)
Description: It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Description
This is an exercise built around CVE-2021-3560
Readme
# 🛡️ CVE-2021-3560 Privilege Escalation Exercise

<p align="center">
  <img width="411" alt="ss-icon" src="https://github.com/user-attachments/assets/f61d1fbc-abae-4fc9-ac7a-ee9d2be20a9b" />
</p>

---

## 📚 Overview

This repository contains materials for a hands-on cybersecurity exercise centered on **CVE-2021-3560**, a privilege escalation vulnerability in **polkit**.  
Discovered by GitHub Security Lab in 2021, this flaw allowed unprivileged Linux users to gain root access by exploiting a **race condition** in user credential handling.  
The vulnerability affected multiple Linux distributions and was patched in mid-2021.

---

## 🎮 Scenario: *"Sidewinder Swifty's Silent Escalation"*

You are **Sidewinder Swifty** — a sly cyber-infiltrator known for slipping past digital defenses. You've gained low-level access to a target Ubuntu 20.04 machine. Your mission:

- Exploit CVE-2021-3560  
- Escalate privileges to root  
- Maintain access and **leave no trace**

> ⚠️ Precision and timing are key. Success depends on your ability to emulate real-world attacker tradecraft.

---

## 🧠 Learning Objectives

This exercise will guide you through practical offensive security concepts, including:

- 🔼 **Privilege Escalation** – Gaining unauthorized administrative access  
- ⏱️ **Race Conditions** – Exploiting timing-based flaws  
- 📖 **CVE Exploitation** – Leveraging public vulnerabilities  
- 🧬 **Persistence** – Maintaining access after compromise  
- 👤 **User Obfuscation** – Masking your identity and actions  
- 🎭 **Privilege Masquerading** – Posing as a legitimate system user  
- 🔁 **File Transfer** – Using `scp` and `netcat`  
- 📦 **Compression** – Archiving with `tar`  
- 🔍 **Sensitive File Access** – Reading protected system files  
- 🧾 **Log Manipulation** – Editing logs to cover your tracks  
- 🕵️ **Anti-Forensics** – Evading forensic analysis  
- 🧨 **Threat Actor Simulation** – Reproducing attacker TTPs (Tactics, Techniques, Procedures)

---

## 🎯 Expected Outcomes

By completing this challenge, you will:

- Gain hands-on experience exploiting **privilege escalation vulnerabilities**  
- Understand the **importance of secure permissions and patch management**  
- Practice **realistic post-exploitation tactics**  
- Learn how attackers **maintain stealth and persistence**  
- See firsthand why **timely system updates** are critical for defense

---

## ⚠️ Disclaimer

> This project is intended for **educational and ethical research purposes only**.  
> **Do not** use these techniques on any system you do not own or have explicit permission to test. Unauthorized access is illegal and unethical.

[Watch the demo on YouTube](https://www.youtube.com/watch?v=xLK27EJkNv0)