CVE-2011-1485

This Metasploit module exploits a race condition in PolicyKit's pkexec (CVE-2011-1485) to escalate privileges to root. It leverages a writable directory to execute arbitrary commands via a crafted payload.

This exploit leverages a race condition in pkexec (CVE-2011-1485) to gain root privileges by manipulating file permissions and executing a shell with elevated privileges. It uses pipes and process forking to exploit the vulnerability.

This exploit leverages a race condition in PolicyKit (CVE-2011-1485) by using inotify to detect when /proc/PID is accessed and then executing a setuid binary to trick pkexec into granting root privileges.

This repository contains a functional exploit for CVE-2011-1485, a local privilege escalation vulnerability in PolicyKit (pkexec). The exploit leverages a race condition in pkexec to gain root privileges by manipulating file permissions and executing arbitrary commands.

This Metasploit module exploits a race condition in PolicyKit's pkexec (CVE-2011-1485) to escalate privileges to root. It leverages a time-of-check to time-of-use (TOCTOU) vulnerability by manipulating file descriptors and environment variables during pkexec execution.