2024-05-25 21:48:12 +02:00
### [CVE-2021-4034](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034)
& color=brighgreen)
### Description
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
### POC
#### Reference
- http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
#### Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/0x01-sec/CVE-2021-4034-
- https://github.com/0x05a/my-cve-2021-4034-poc
- https://github.com/0x4ndy/CVE-2021-4034-PoC
2024-06-10 18:01:06 +00:00
- https://github.com/0xMarcio/cve
2024-05-25 21:48:12 +02:00
- https://github.com/0xNix/CVE-2021-4034
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xZipp0/OSCP
- https://github.com/0xalwayslucky/log4j-polkit-poc
- https://github.com/0xsmirk/vehicle-kernel-exploit
- https://github.com/0xsyr0/OSCP
- https://github.com/20142995/sectool
- https://github.com/A1vinSmith/CVE-2021-4034
- https://github.com/ARGOeu-Metrics/secmon-probes
- https://github.com/ARGOeu/secmon-probes
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ASG-CASTLE/CVE-2021-4034
- https://github.com/AabyssZG/AWD-Guide
- https://github.com/Abdibimantara/IncidentResponse--ElasticCase
- https://github.com/Al1ex/CVE-2021-4034
- https://github.com/Al1ex/LinuxEelvation
- https://github.com/Almorabea/pkexec-exploit
- https://github.com/An00bRektn/CVE-2021-4034
- https://github.com/AnastasiaLomova/PR1
- https://github.com/AnastasiaLomova/PR1.1
- https://github.com/Ankit-Ojha16/CVE-2021-4034
- https://github.com/Anonymous-Family/CVE-2021-4034
- https://github.com/ArrestX/--POC
- https://github.com/Astrogeorgeonethree/Starred2
- https://github.com/Audiobahn/CVE-2021-4034
- https://github.com/Aukaii/notes
- https://github.com/AvakyanAlexander/Number7
- https://github.com/AvakyanAlexander/Number7.1
- https://github.com/Awrrays/Pentest-Tips
- https://github.com/Ayrx/CVE-2021-4034
2024-08-10 19:04:30 +00:00
- https://github.com/BEPb/tryhackme
2024-05-25 21:48:12 +02:00
- https://github.com/BachoSeven/stellestelline
- https://github.com/BastG57/Random
- https://github.com/BryptoBlood/Cyber-Security-University
- https://github.com/C7H10N2/Hackergame2022_Writeup
- https://github.com/CITIZENDOT/CS547-CVEs
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CYB3RK1D/CVE-2021-4034-POC
- https://github.com/CharonDefalt/linux-exploit
- https://github.com/CronoX1/CVE-2021-4034
- https://github.com/CyberHackPr/CEH_PRACTICAL
- https://github.com/DanaEpp/pwncat-workshop
- https://github.com/DanaEpp/pwncat_pwnkit
- https://github.com/DanielShmu/OSCP-Cheat-Sheet
- https://github.com/DavidSerre/Pwnkit
- https://github.com/Desm0ndChan/OSCP-cheatsheet
- https://github.com/DosAmp/pkwned
2024-06-08 09:32:58 +00:00
- https://github.com/DrewSC13/Linpeas
2024-05-25 21:48:12 +02:00
- https://github.com/EstamelGG/CVE-2021-4034-NoGCC
- https://github.com/Ethical-Dyl/gamingserver-writeup
- https://github.com/Ethical-Dyl/road-writeup
- https://github.com/FDlucifer/Pwnkit-go
- https://github.com/Fa1c0n35/Traitoy-Linux-privilege-escalation
- https://github.com/FancySauce/PwnKit-CVE-2021-4034
- https://github.com/Fato07/Pwnkit-exploit
- https://github.com/G01d3nW01f/CVE-2021-4034
- https://github.com/Geni0r/cve-2021-4034-poc
- https://github.com/GhostTroops/TOP
- https://github.com/GibzB/THM-Captured-Rooms
- https://github.com/H3arn/hackergame-2022-writeup
- https://github.com/HadessCS/Awesome-Privilege-Escalation
- https://github.com/HattMobb/TryHackMe-Bugle-Machine-Writeup-Walkthrough
2024-06-22 09:37:59 +00:00
- https://github.com/HaxorSecInfec/autoroot.sh
2024-05-25 21:48:12 +02:00
- https://github.com/HellGateCorp/pwnkit
- https://github.com/HrishitJoshi/CVE-2021-4034
- https://github.com/IBM-Cloud/vpc-ha-iac
- https://github.com/ITMarcin2211/Polkit-s-Pkexec-CVE-2021-4034
- https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation
- https://github.com/Ignitetechnologies/Linux-Privilege-Escalation
- https://github.com/Immersive-Labs-Sec/CVE-2021-4034
- https://github.com/J0hnbX/CVE-2021-4034-new
- https://github.com/Jesrat/make_me_root
- https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits
- https://github.com/JoaoFukuda/CVE-2021-4034_POC
- https://github.com/Joffr3y/Polkit-CVE-2021-4034-HLP
- https://github.com/JohnGilbert57/CVE-2021-4034-Capture-the-flag
- https://github.com/JoyGhoshs/CVE-2021-4034
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Kiosec/Linux-Exploitation
- https://github.com/Kirill89/CVE-2021-4034
- https://github.com/LJP-TW/CVE-2021-4034
- https://github.com/LSidera/LSidera.github.io
- https://github.com/LebJe/awesome-stars
- https://github.com/LeonardoE95/yt-it
- https://github.com/Liepkalns/shiny-garbanzo
- https://github.com/LucasPDiniz/CVE-2021-4034
- https://github.com/LukeGix/CVE-2021-4034
- https://github.com/Ly0nt4r/OSCP
- https://github.com/Meowmycks/OSCPprep-Cute
- https://github.com/Meowmycks/OSCPprep-Sar
- https://github.com/Meowmycks/OSCPprep-hackme1
2024-07-25 21:25:12 +00:00
- https://github.com/Mr-Tree-S/POC_EXP
2024-05-25 21:48:12 +02:00
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/N1et/CVE-2021-4034
- https://github.com/NSeither/WITCOE
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Nero22k/CVE-2021-4034
- https://github.com/Nguyen-id/nc
- https://github.com/NiS3x/CVE-2021-4034
- https://github.com/Nickguitar/YAPS
- https://github.com/Nosferatuvjr/PwnKit
- https://github.com/NxPnch/Linux-Privesc
- https://github.com/NxPnch/pkexec-exploit
- https://github.com/OXDBXKXO/ez-pwnkit
- https://github.com/OlegBr04/Traitor
- https://github.com/OriginalNexus/polkit-cve-demo
- https://github.com/Ostorlab/KEV
- https://github.com/Part01-Pai/Polkit-Permission-promotion-compiled
- https://github.com/PenTestical/linpwn
- https://github.com/PeterGottesman/pwnkit-exploit
- https://github.com/Pixailz/CVE-2021-4034
- https://github.com/Plethore/CVE-2021-4034
- https://github.com/Pol-Ruiz/CVE-2021-4034
- https://github.com/Pr0f3ssor/CVE-2021-4034-Pwnkit
- https://github.com/PracCs/Notes-Labs-CEH
- https://github.com/PwnFunction/CVE-2021-4034
- https://github.com/Quasar0147/Syshardening-6-Writeup
- https://github.com/Qwertozavr/PR1_3
- https://github.com/Qwertozavr/PR1_3.2
- https://github.com/Qwertozavr/PR1_TRPP
- https://github.com/R0dznCL/polkit_check
- https://github.com/RACHO-PRG/Linux_Escalada_Privilegios
- https://github.com/Reelix/Infosec
- https://github.com/Rektedekte/pwn3
- https://github.com/Rezilion/mi-x
- https://github.com/Rijha/pwnkitt
- https://github.com/Rvn0xsy/CVE-2021-4034
- https://github.com/Sakura-nee/CVE-2021-4034
2024-08-05 18:41:32 +00:00
- https://github.com/SenukDias/OSCP_cheat
2024-05-25 21:48:12 +02:00
- https://github.com/Senz4wa/CVE-2021-4034
- https://github.com/Silencecyber/cve-2021-4034
- https://github.com/SirElmard/ethical_hacking
- https://github.com/Snoopy-Sec/Localroot-ALL-CVE
- https://github.com/Somchandra17/Privilege-Escalation-For-Linux
- https://github.com/Squirre17/CVE-2021-4034
- https://github.com/Staxtis/TryHackMe-Wekor1.0-Manual-SQLi
- https://github.com/SugarP1g/LearningSecurity
- https://github.com/TW-D/PwnKit-Vulnerability_CVE-2021-4034
- https://github.com/Taillan/TryHackMe
- https://github.com/Tanmay-N/CVE-2021-4034
- https://github.com/TanmoyG1800/CVE-2021-4034
2024-08-09 18:54:21 +00:00
- https://github.com/Technetium1/stars
2024-05-25 21:48:12 +02:00
- https://github.com/TheJoyOfHacking/berdav-CVE-2021-4034
- https://github.com/TheSermux/CVE-2021-4034
- https://github.com/Threekiii/Awesome-POC
- https://github.com/TomSgn/CVE-2021-4034
- https://github.com/TotallyNotAHaxxer/CVE-2021-4034
- https://github.com/Waxweasle/TryHackMe-Daily-Bugle-Walkthrough-2-ways-
- https://github.com/Whiteh4tWolf/xcoderootsploit
- https://github.com/WhooAmii/POC_to_review
- https://github.com/X0RW3LL/XenSpawn
- https://github.com/Y3A/CVE-2021-4034
- https://github.com/Yakumwamba/POC-CVE-2021-4034
- https://github.com/YgorAlberto/Ethical-Hacker
- https://github.com/YgorAlberto/ygoralberto.github.io
- https://github.com/ZWDeJun/ZWDeJun
- https://github.com/Zeyad-Azima/Remedy4me
2024-07-25 21:25:12 +00:00
- https://github.com/a-roshbaik/Linux-Privilege-Escalation-Exploits
2024-05-25 21:48:12 +02:00
- https://github.com/aimebertrand/Socat
- https://github.com/al4xs/polkit-pwnkit
- https://github.com/amirexsploit/serverscanner
- https://github.com/amirseyedian/PwnKit
- https://github.com/amtzespinosa/lord-of-the-root-walkthrough
- https://github.com/an0n7os/CVE-2021-4034
- https://github.com/anquanscan/sec-tools
- https://github.com/antoinenguyen-09/CVE-2021-4034
- https://github.com/artemis-mike/cve-2021-4034
- https://github.com/arthepsy/CVE-2021-4034
- https://github.com/asepsaepdin/CVE-2021-4034
- https://github.com/ashishlaxkar16/vulnerabilities
- https://github.com/ashutoshrohilla/CVE-2021-4034
- https://github.com/aus-mate/CVE-2021-4034-POC
2024-07-25 21:25:12 +00:00
- https://github.com/ayoub-elbouzi/CVE-2021-4034-Pwnkit
2024-05-25 21:48:12 +02:00
- https://github.com/ayypril/CVE-2021-4034
- https://github.com/azazelm3dj3d/CVE-2021-4034
- https://github.com/azminawwar/CVE-2021-4034
- https://github.com/b1n4ryj4n/awesome-stars
- https://github.com/backloop-biz/CVE_checks
- https://github.com/battleoverflow/CVE-2021-4034
- https://github.com/bbjubjub2494/cve-2021-4034-playground
- https://github.com/berdav/CVE-2021-4034
- https://github.com/bijaysenihang/sigma_detection_rules
- https://github.com/binganao/vulns-2022
- https://github.com/bollwarm/SecToolSet
- https://github.com/brootware/awesome-cyber-security-university
- https://github.com/c0br40x/test
- https://github.com/c0d3cr4f73r/CVE-2021-4034
- https://github.com/c0d3cr4f73r/CVE-2021-4034_Python3
- https://github.com/c3c/CVE-2021-4034
- https://github.com/c3l3si4n/pwnkit
- https://github.com/callrbx/pkexec-lpe-poc
- https://github.com/carlosevieira/polkit
- https://github.com/cbass12321/OSCP-Cheat-Sheets
- https://github.com/cd80-ctf/CVE-2021-4034
- https://github.com/cdrclbrs/pwnkit
- https://github.com/cdxiaodong/CVE-2021-4034-touch
- https://github.com/cerodah/CVE-2021-4034
- https://github.com/ch4rum/CVE-2021-4034
- https://github.com/chenaotian/CVE-2021-4034
- https://github.com/chorankates/Blunder
- https://github.com/chorankates/curling
- https://github.com/ck00004/CVE-2021-4034
- https://github.com/clubby789/CVE-2021-4034
- https://github.com/codiobert/pwnkit-scanner
- https://github.com/cr0ss2018/cr0ss2018
- https://github.com/crac-learning/CVE-analysis-reports
- https://github.com/cspshivam/cve-2021-4034
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/cyberark/PwnKit-Hunter
- https://github.com/cybercrazetech/Engineer-CTF
- https://github.com/d-rn/vulBox
- https://github.com/d3fenderz/linux_security
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/dadvlingd/CVE-2021-4034
- https://github.com/daltonmeridio/WriteUpHorizontall
- https://github.com/dannyotown/linux-vulnerability
- https://github.com/darkerego/pwnkit
- https://github.com/deathsticksguy/CEHv12Practical
- https://github.com/defhacks/cve-2021-4034
2024-06-07 04:52:01 +00:00
- https://github.com/dejavudwh/dejavudwh
2024-05-25 21:48:12 +02:00
- https://github.com/deoxykev/CVE-2021-4034-Rust
- https://github.com/drapl0n/pwnKit
- https://github.com/dzonerzy/poc-cve-2021-4034
- https://github.com/edsonjt81/CVE-2021-4034-Linux
- https://github.com/edsonjt81/Linux-Privilege-Escalation
- https://github.com/edsonjt81/PwnKit
- https://github.com/edsonjt81/PwnKit-Root-Linux
- https://github.com/evdenis/lsm_bpf_check_argc0
2024-08-22 18:33:16 +00:00
- https://github.com/exfilt/CheatSheet
2024-05-25 21:48:12 +02:00
- https://github.com/fazaroot/cve-2021-pwnkit
- https://github.com/fdellwing/CVE-2021-4034
- https://github.com/fei9747/CVE-2021-4034
- https://github.com/fenipr/Shibboleth
- https://github.com/filipposfwt/Pentest-Handbook
- https://github.com/flux10n/CVE-2021-4034
- https://github.com/galoget/PwnKit-CVE-2021-4034
- https://github.com/gbrsh/CVE-2021-4034
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/glowbase/PwnKit-CVE-2021-4034
- https://github.com/grng3r/rs_exploits
- https://github.com/h0pe-ay/Vulnerability-Reproduction
- https://github.com/hackingyseguridad/CVE-2021-4034
- https://github.com/hahaleyile/CVE-2021-4034
- https://github.com/hegusung/netscan
- https://github.com/hktalent/bug-bounty
- https://github.com/hohn/codeql-sample-polkit
- https://github.com/hugefiver/mystars
- https://github.com/hugs42/infosec
2024-06-10 07:22:43 +00:00
- https://github.com/hungslab/awd-tools
2024-05-25 21:48:12 +02:00
- https://github.com/hxysaury/saury-vulnhub
- https://github.com/iandrade87br/OSCP
- https://github.com/insurrectus/cyber-security-university
- https://github.com/jbmihoub/all-poc
- https://github.com/jcatala/f_poc_cve-2021-4034
- https://github.com/jenriquezv/OSCP-Cheat-Sheets
- https://github.com/jm33-m0/go-lpe
- https://github.com/joeammond/CVE-2021-4034
- https://github.com/jostmart/-CVE-2021-4034
- https://github.com/jpmcb/pwnkit-go
- https://github.com/jwardsmith/Penetration-Testing
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kaosagnt/ansible-everyday
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/khulnasoft-lab/awesome-security
- https://github.com/kimusan/pkwner
- https://github.com/kraloveckey/venom
- https://github.com/kt690/backup1
- https://github.com/kurniawandata/xcoderootsploit
- https://github.com/learner-ing/changeTools
- https://github.com/legovaer/my-awesome-stars
- https://github.com/liamg/traitor
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/lluriam19/CVE-2021-4034-Vuln
- https://github.com/locksec/CVE-2021-4034
- https://github.com/luckythandel/CVE-2021-4034
- https://github.com/luijait/PwnKit-Exploit
- https://github.com/ly4k/PwnKit
- https://github.com/makoto56/penetration-suite-toolkit
- https://github.com/manas3c/CVE-POC
- https://github.com/maxgfr/awesome-stars
- https://github.com/mebeim/CVE-2021-4034
- https://github.com/mehdiz18/cyberSecLearning
- https://github.com/merlinepedra/TRAITOR
- https://github.com/merlinepedra25/TRAITOR
- https://github.com/migueltc13/KoTH-Tools
- https://github.com/milot/dissecting-pkexec-cve-2021-4034
- https://github.com/mkDev99/brootwarecybersecurity
- https://github.com/moldabekov/CVE-2021-4034
- https://github.com/movvamrocks/PwnKit-CVE-2021-4034
- https://github.com/mutur4/CVE-2021-4034
- https://github.com/mxdelta/Up_Priveleges_Linux
- https://github.com/n1sh1th/CVE-POC
- https://github.com/n3onhacks/CVE-2021-4034
- https://github.com/n3onhacks/CVE-2021-4034-BASH-One-File-Exploit
- https://github.com/navisec/CVE-2021-4034-PwnKit
- https://github.com/nel0x/pwnkit-vulnerability
- https://github.com/nikaiw/CVE-2021-4034
- https://github.com/nikip72/CVE-2021-4034
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nobelh/CVE-2021-4034
- https://github.com/open-source-agenda/new-open-source-projects
- https://github.com/oreosec/pwnkit
- https://github.com/oscpname/OSCP_cheat
- https://github.com/pancham1305/YearOfTheRabbit-thm
2024-08-22 18:33:16 +00:00
- https://github.com/parth45/cheatsheet
2024-05-25 21:48:12 +02:00
- https://github.com/pengalaman-1t/CVE-2021-4034
- https://github.com/personaone/OSCP
- https://github.com/phprogrammer86/CEH---NOTES
- https://github.com/phvilasboas/CVE-2021-4034
- https://github.com/promise2k/OSCP
- https://github.com/ps-interactive/lab_cve-2021-4034-polkit-emulation-and-detection
- https://github.com/pyhrr0/pwnkit
2024-08-05 18:41:32 +00:00
- https://github.com/q99266/saury-vulnhub
2024-05-25 21:48:12 +02:00
- https://github.com/raigoj/local
- https://github.com/revanmalang/OSCP
- https://github.com/rhysmcneill/CVE-2021-403
- https://github.com/rickythewoof/HW_sicurezza
- https://github.com/riyyoo/TryHackMe-Lian_Yu-Walkthrough
- https://github.com/rneacsu5/polkit-cve-demo
- https://github.com/robemmerson/CVE-2021-4034
- https://github.com/rvizx/CVE-2021-4034
- https://github.com/ryaagard/CVE-2021-4034
- https://github.com/san3ncrypt3d/CVE-2021-4034-POC
- https://github.com/sanchez-anthony/ansible_pwnkit_mitigation
- https://github.com/scent2d/PoC-CVE-2021-4034
- https://github.com/scottford-io/secure-container-build
- https://github.com/sec13b/ssh
- https://github.com/securi3ytalent/bugbounty-CVE-Report
- https://github.com/secw01f/pwnkit
- https://github.com/seeu-inspace/easyg
- https://github.com/slayercom1988/Polkit
- https://github.com/smile-e3/vehicle-kernel-exploit
- https://github.com/sofire/polkit-0.96-CVE-2021-4034
- https://github.com/sonofescobar1337/server-scanner
- https://github.com/soosmile/POC
- https://github.com/substing/chillhack_ctf
- https://github.com/substing/ignite_ctf
- https://github.com/substing/internal_ctf
- https://github.com/substing/vulnerability_capstone_ctf
- https://github.com/substing/wonderland_ctf
- https://github.com/sunny0day/CVE-2021-4034
- https://github.com/supportingmx/cve-2021-4034
- https://github.com/szaszm/pwnkit
- https://github.com/tahaafarooq/poppy
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/teelrabbit/Polkit-pkexec-exploit-for-Linux
- https://github.com/teresaweber685/book_list
- https://github.com/thatstraw/CVE-2021-4034
- https://github.com/timb-machine-mirrors/SkyperTHC-zudo
- https://github.com/timb-machine/linux-malware
- https://github.com/toecesws/CVE-2021-4034
- https://github.com/tree-chtsec/osep-tools
- https://github.com/trganda/starrlist
- https://github.com/tufanturhan/polkit-privesc-linux
- https://github.com/txuswashere/OSCP
- https://github.com/tzwlhack/CVE-2021-4034
- https://github.com/uhub/awesome-c
- https://github.com/v-rzh/CVE-2021-4034
- https://github.com/valescaalvesc/HTB-PAPER-CTF
- https://github.com/vilasboasph/CVE-2021-4034
- https://github.com/villalbanico9/H4Ts
- https://github.com/villalbanico9/H4ckingTools
- https://github.com/vonglasow/gaia
- https://github.com/vonglasow/shellai
- https://github.com/vrbait1107/CTF_WRITEUPS
- https://github.com/wechicken456/CVE-2021-4034-CTF-writeup
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/wenlianggg/pwnkit-exploit
- https://github.com/whoami-chmod777/Hacking-Articles-Linux-Privilege-Escalation-
- https://github.com/whoforget/CVE-POC
- https://github.com/whokilleddb/CVE-2021-4034
- https://github.com/windware1203/InfoSec_study
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/wongwaituck/CVE-2021-4034
- https://github.com/wrdz13/YearOfTheRabbit-thm
- https://github.com/wudicainiao/cve-2021-4034
- https://github.com/x04000/AutoPwnkit
- https://github.com/x04000/CVE-2021-4034
- https://github.com/xcanwin/CVE-2021-4034-UniontechOS
- https://github.com/xhref/OSCP
- https://github.com/xsudoxx/OSCP
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/xymeng16/security
- https://github.com/youwizard/CVE-POC
- https://github.com/z3dc0ps/awesome-linux-exploits
- https://github.com/zcrosman/cve-2021-4034
- https://github.com/zecool/cve
- https://github.com/zhzyker/CVE-2021-4034
- https://github.com/ziadsaleemi/polkit_CVE-2021-4034
- https://github.com/zxc2007/CVE-2021-4034
