CVE-2021-4034 Local Privilege Escalation

Stella Sebastian April 12, 2022

superior_hosting_service

pinkit

CVE-2021-4034 Proof of concept for pwnkit vulnerability. Local privilege escalation via `pkexec`

YouTube video

Run locally

make all && ./pwnkit && make clean

Run in docker

# Build the docker image
docker build -t pwnkit .

# Run the exploit
docker run -it pwnkit bash
make all && ./pwnkit && make clean

Detect using snyk-cli

snyk container test pwnkit:latest --file=Dockerfile

Resources

The CVE-2021-4034 Poc is a github repository by PwnFunction

Spring4Shell and Spring Cloud RCE vulnerability

Tags: bugbounty CVE-2021-4034 exploit Hacking malware privilege escalation pwnkit Vulnerability

Stella Sebastian April 12, 2022