关联漏洞
标题:
polkit 缓冲区错误漏洞
(CVE-2021-4034)
描述:polkit是一个在类 Unix操作系统中控制系统范围权限的组件。通过定义和审核权限规则,实现不同优先级进程间的通讯。 polkit 的 pkexec application存在缓冲区错误漏洞,攻击者可利用该漏洞通过精心设计环境变量诱导pkexec执行任意代码。成功执行攻击后,如果目标计算机上没有权限的用户拥有管理权限,攻击可能会导致本地权限升级。
描述
🚀 Enhance your penetration testing with PwnKit Helper, a simple tool for exploiting the CVE-2021-4034 vulnerability in pkexec for local privilege escalation.
介绍
# 🛡️ pwnkit-helper - Elevate Your Hacking Skills Safely
[](https://github.com/kaisen-bot/pwnkit-helper/releases)
## 📦 Overview
pwnkit-helper is designed for capture-the-flag (CTF) events and secure environments. This tool focuses on exploiting CVE-2021-4034 to achieve local privilege escalation. With pwnkit-helper, you can enhance your ethical hacking toolkit efficiently and securely.
## 🚀 Getting Started
To get started with pwnkit-helper, follow these simple steps. You will obtain the tool and run it in no time.
### 1. System Requirements
Before you download pwnkit-helper, ensure that your device meets these requirements:
- A computer running Ubuntu or Debian.
- An active internet connection for downloading the tool.
### 2. Visit the Releases Page
Head over to our Releases page to find the latest version of pwnkit-helper. Click the link below:
[Visit the Releases Page to Download](https://github.com/kaisen-bot/pwnkit-helper/releases)
### 3. Download the Software
Choose the appropriate version for your operating system from the releases list. Simply click the link corresponding to your desired file. Downloading will start automatically.
### 4. Install pwnkit-helper
Once the download completes, locate the downloaded file in your computer's Downloads folder.
- For **Linux** users: You may need to change file permissions to allow the file to run. Open a terminal and run:
```
chmod +x /path/to/pwnkit-helper
```
Replace `/path/to/pwnkit-helper` with your actual file path.
### 5. Run the Tool
You can now run pwnkit-helper. Open your terminal and execute the following command:
```
./pwnkit-helper
```
This will start the tool. Follow the prompts as necessary.
## 📋 Features
pwnkit-helper has several features to help you succeed:
- **Local Privilege Escalation:** Safely exploit CVE-2021-4034.
- **User-Friendly Interface:** Designed for easy navigation.
- **Versatile:** Suitable for CTF events and safe testing.
## 🔍 Examples of Use
1. **CTF Competitions:** Use pwnkit-helper to find vulnerabilities in a controlled environment.
2. **Learning Tool:** Understand how local privilege escalation works without risking your main system.
## 🛠️ Troubleshooting
- **Permission Issues:** If you have trouble running the tool, ensure it has executable permissions as shown in Step 4.
- **Dependencies:** Make sure you have all necessary packages installed for smooth operation.
## ℹ️ Support
For further assistance, check our [GitHub Issues Page](https://github.com/kaisen-bot/pwnkit-helper/issues) or reach out to the community.
## 📚 Additional Resources
- [Ethical Hacking Guide](https://example.com/ethical-hacking-guide)
- [Tutorials on Privilege Escalation](https://example.com/tutorials)
## 📥 Download & Install
Now that you know how to get started, go ahead and download pwnkit-helper:
[Click here to download pwnkit-helper](https://github.com/kaisen-bot/pwnkit-helper/releases)
Follow the steps outlined above, and you'll have the tool running in moments. If you encounter issues, refer to the troubleshooting section for help.
文件快照
[4.0K] /data/pocs/fd9d6ecaf590b5e214def2239526e68ca8d0849d
├── [8.2K] exploit.py
└── [3.2K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。