exploitdb
WORKING POC
by Lance Biggerstaff · textlocallinux
https://www.exploit-db.com/exploits/50689
This exploit leverages a vulnerability in PolicyKit's pkexec (CVE-2021-4034) to achieve local privilege escalation by manipulating environment variables and loading a malicious shared library via GCONV_PATH. The exploit consists of a shared library (evil.so) that spawns a root shell and a main exploit binary that sets up the environment for exploitation.
Classification
Working Poc 100%
Target:
PolicyKit-1 0.105-31 (pkexec)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
2,027 stars
by berdav · local
https://github.com/berdav/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Access to a vulnerable system with pkexec installed · Ability to compile and execute the exploit
nomisec
WORKING POC
1,283 stars
by ly4k · local
https://github.com/ly4k/PwnKit
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Local access to a vulnerable system · Presence of pkexec binary
nomisec
WORKING POC
1,125 stars
by arthepsy · local
https://github.com/arthepsy/CVE-2021-4034
This repository contains a functional proof-of-concept exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit's pkexec (versions before the patch)
No auth needed
Prerequisites:
Local access to the vulnerable system · gcc compiler available
nomisec
WORKING POC
346 stars
by PwnFunction · local
https://github.com/PwnFunction/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages an out-of-bounds read/write primitive to manipulate environment variables and execute arbitrary code with root privileges.
Classification
Working Poc 100%
Target:
polkit pkexec (version 0.105-26ubuntu1)
No auth needed
Prerequisites:
Access to a vulnerable system with polkit installed · Ability to compile and execute the exploit code
nomisec
WORKING POC
26 stars
by c3c · local
https://github.com/c3c/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared object to gain root privileges.
Classification
Working Poc 95%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
Local access to a vulnerable system · pkexec installed
nomisec
WORKING POC
19 stars
by dadvlingd · local
https://github.com/dadvlingd/CVE-2021-4034
This repository contains functional exploit code for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploits manipulate environment variables and file paths to execute arbitrary code with root privileges via a malicious shared library.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
12 stars
by chenaotian · local
https://github.com/chenaotian/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in PolKit's pkexec. The exploit leverages environment variable manipulation (GCONV_PATH) and a crafted shared object to achieve root access.
Classification
Working Poc 100%
Target:
PolKit (pkexec) versions 2009-2021
No auth needed
Prerequisites:
Local access to a vulnerable system · pkexec with SUID bit set
nomisec
WORKING POC
10 stars
by wudicainiao · local
https://github.com/wudicainiao/cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 95%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Local access to the target system · gcc installed on the target system
nomisec
WORKING POC
8 stars
by rvizx · local
https://github.com/rvizx/CVE-2021-4034
This repository contains a functional Python-based PoC for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
Local access to the target system · gcc installed to compile the shared library
nomisec
WORKING POC
4 stars
by Y3A · local
https://github.com/Y3A/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit manipulates environment variables and leverages a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
Local access to the target system · gcc compiler available
nomisec
WORKING POC
4 stars
by tahaafarooq · local
https://github.com/tahaafarooq/poppy
This repository contains functional exploit code for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 95%
Target:
polkit < 0.120
No auth needed
Prerequisites:
Local access to a vulnerable system · gcc and make installed
nomisec
WORKING POC
4 stars
by TheJoyOfHacking · local
https://github.com/TheJoyOfHacking/berdav-CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Access to a vulnerable system with pkexec installed · Ability to compile and execute the exploit
nomisec
WORKING POC
3 stars
by artemis-mike · local
https://github.com/artemis-mike/cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges. The included Ansible playbook automates the exploitation and verification process.
Classification
Working Poc 95%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
Local access to a vulnerable system · gcc for compiling the exploit
nomisec
WRITEUP
2 stars
by wechicken456 · poc
https://github.com/wechicken456/CVE-2021-4034-CTF-writeup
This repository provides a detailed technical analysis of CVE-2021-4034, including a CTF challenge setup, Ghidra decompilation insights, and exploitation steps. It explains the vulnerability in the context of a custom binary and includes a solve script for the challenge.
Classification
Writeup 95%
Target:
Custom CTF binary (chal) leveraging CVE-2021-4034 (PwnKit)
No auth needed
Prerequisites:
Vulnerable kernel with specific packages installed · Unprivileged user access
nomisec
WORKING POC
2 stars
by Pixailz · local
https://github.com/Pixailz/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages an out-of-bounds read/write primitive to manipulate environment variables and execute arbitrary code with root privileges.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.120)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
2 stars
by Nosferatuvjr · local
https://github.com/Nosferatuvjr/PwnKit
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in Polkit's pkexec. The exploit leverages environment variable injection to execute arbitrary code as root by manipulating the GCONV_PATH variable and creating malicious shared libraries.
Classification
Working Poc 100%
Target:
Polkit pkexec (versions before the patch)
No auth needed
Prerequisites:
Access to a vulnerable system with pkexec installed · Ability to compile the exploit code
gitlab
WORKING POC
1 stars
by FR4NC0X · poc
https://gitlab.com/FR4NC0X/pwnkit-helper
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit downloads and compiles a malicious shared library to gain root access.
Classification
Working Poc 90%
Target:
polkit pkexec (versions before 0.120)
No auth needed
Prerequisites:
gcc · wget · pkexec with SUID bit set
nomisec
SUSPICIOUS
1 stars
by kaisen-bot · poc
https://github.com/kaisen-bot/pwnkit-helper
The repository claims to exploit CVE-2021-4034 (PwnKit) but lacks actual exploit code, instead pushing users to download a ZIP file from an external source. The README is vague and marketing-oriented, with no technical details about the vulnerability.
Classification
Suspicious 90%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Local access to a vulnerable system
nomisec
WORKING POC
1 stars
by jscamposx · poc
https://github.com/jscamposx/hack
This repository contains a compiled exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in Polkit's pkexec component, along with a PHP reverse shell script for post-exploitation. The exploit manipulates environment variables to execute arbitrary code as root.
Classification
Working Poc 95%
Target:
Polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to a vulnerable Linux system with pkexec installed
nomisec
WORKING POC
1 stars
by zaaraZiof0 · local
https://github.com/zaaraZiof0/pkexec-exploit-CVE
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit includes both Python and C implementations, along with a vulnerability detector.
Classification
Working Poc 95%
Target:
polkit's pkexec (versions from 2009 to January 2022)
No auth needed
Prerequisites:
Vulnerable version of polkit with SUID bit set on pkexec
nomisec
WORKING POC
1 stars
by dr4xp · local
https://github.com/dr4xp/pwnkit-helper
This repository contains a Python script that automates the exploitation of CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. It downloads the exploit code from a known source, compiles it, and executes it to gain root access.
Classification
Working Poc 95%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Presence of vulnerable pkexec binary with SUID bit set · GCC or similar compiler to build the exploit
nomisec
WORKING POC
1 stars
by CYB3RK1D · local
https://github.com/CYB3RK1D/CVE-2021-4034-POC
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and the GCONV_PATH mechanism to execute arbitrary code as root.
Classification
Working Poc 95%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
Local access to a vulnerable system · Compilation tools (gcc)
nomisec
WORKING POC
1 stars
by mutur4 · local
https://github.com/mutur4/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and memory corruption to gain root privileges on vulnerable systems.
Classification
Working Poc 95%
Target:
polkit pkexec (versions <= 0.105)
No auth needed
Prerequisites:
Vulnerable version of pkexec with SUID bit set · Access to a local shell on the target system
nomisec
WORKING POC
1 stars
by cdxiaodong · local
https://github.com/cdxiaodong/CVE-2021-4034-touch
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation via environment variable manipulation and a malicious shared library. The exploit uses a crafted environment to trigger arbitrary command execution as root.
Classification
Working Poc 95%
Target:
polkit pkexec (version < 0.120)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
1 stars
by h3x0v3rl0rd · poc
https://github.com/h3x0v3rl0rd/CVE-2021-4034_Python3
This repository contains a functional Python3 exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation via environment variable manipulation and malicious shared library injection.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
Local access to the target system · pkexec installed
nomisec
WORKING POC
1 stars
by A1vinSmith · local
https://github.com/A1vinSmith/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a crafted shared object to gain root access.
Classification
Working Poc 95%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
pkexec with SUID bit set · local access to the system
nomisec
STUB
1 stars
by xcanwin · poc
https://github.com/xcanwin/CVE-2021-4034-UniontechOS
The repository contains only a README file with a brief description of CVE-2021-4034 affecting UniontechOS, but no exploit code or technical details. It lacks depth and functional content.
Target:
UniontechOS (UOS) desktop operating system
Auth required
Prerequisites:
Local access to the target system
nomisec
WORKING POC
1 stars
by jcatala · remote
https://github.com/jcatala/f_poc_cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation via environment variable manipulation and malicious shared library injection.
Classification
Working Poc 100%
Target:
pkexec (polkit)
No auth needed
Prerequisites:
Local access to the target system · Compilation of the provided C code
nomisec
WORKING POC
by Murguii · poc
https://github.com/Murguii/DEV-CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a memory corruption vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and uses a malicious shared library to execute a shell with root privileges.
Classification
Working Poc 95%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WRITEUP
by vaibhavkrishna12004 · poc
https://github.com/vaibhavkrishna12004/ubuntu-privesc-lab
This repository provides a detailed technical walkthrough of exploiting CVE-2021-4034 (PwnKit) for local privilege escalation on Ubuntu, including reconnaissance, credential brute-forcing, and step-by-step exploitation using a compiled exploit from an external source.
Classification
Writeup 90%
Target:
Polkit (pkexec) on Linux systems
Auth required
Prerequisites:
initial access via SSH · compiler tools (gcc, make) · git
nomisec
WORKING POC
by devianntsec · poc
https://github.com/devianntsec/CVE-2021-4034-PwnKit-Masters-Thesis
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec utility. The exploit leverages an out-of-bounds write to inject malicious environment variables, leading to arbitrary code execution as root.
Classification
Working Poc 100%
Target:
polkit (pkexec) versions 0.105-31 and earlier
No auth needed
Prerequisites:
Linux system with vulnerable polkit · GCC compiler · Python 3.6+ · Standard user account
nomisec
WORKING POC
by Allu-mette · poc
https://github.com/Allu-mette/cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in Polkit's pkexec utility. The exploit leverages improper argument handling when argc == 0 to achieve root privileges via a crafted environment variable and embedded shellcode.
Classification
Working Poc 100%
Target:
Polkit (pkexec) versions before 0.105-26ubuntu1.1
No auth needed
Prerequisites:
Unpatched Polkit (pkexec) with SUID bit set · x86_64 Linux environment
nomisec
WORKING POC
by Abbykito · poc
https://github.com/Abbykito/KERNELexploits
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to a vulnerable system · pkexec installed
gitlab
WORKING POC
by zoobab · poc
https://gitlab.com/zoobab/cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · compilation tools (make, gcc)
gitlab
WORKING POC
by Tramadol · local
https://gitlab.com/Tramadol/cve-2021-4034
This is a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. It leverages environment variable manipulation and a malicious shared library to gain root access via setuid calls.
Classification
Working Poc 100%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
local access to the target system · ability to compile and execute the exploit
gitlab
SCANNER
by i7ach1 · poc
https://gitlab.com/i7ach1/pwnkit-cve-2021-4034
This Ansible playbook checks for the presence of the vulnerable pkexec binary and applies a mitigation by changing its permissions. It does not exploit the vulnerability but detects and patches it.
Classification
Scanner 90%
Target:
polkit pkexec (CVE-2021-4034)
Auth required
Prerequisites:
access to target system with Ansible · pkexec binary present
gitlab
WORKING POC
by RekGRpth · local
https://gitlab.com/RekGRpth/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · compilation tools (make, gcc)
nomisec
WORKING POC
by ramahmdr · local
https://github.com/ramahmdr/PwnKit
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Presence of pkexec in /usr/bin/
nomisec
WRITEUP
by boro03 · poc
https://github.com/boro03/CVE-2021-4034
This repository contains documentation and materials for a study on CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec, a SUID-root program part of polkit. The vulnerability allows unprivileged local users to gain root access and has been present since 2009.
Classification
Writeup 90%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system with polkit installed
nomisec
WRITEUP
by BugVex · poc
https://github.com/BugVex/Poison-HTB-Report
This repository contains a detailed technical writeup of exploiting CVE-2021-4034 (PwnKit) on the Hack The Box 'Poison' machine, including step-by-step commands and remediation advice.
Classification
Writeup 95%
Target:
pkexec (versions < 0.105)
Auth required
Prerequisites:
Access to a vulnerable system with pkexec < 0.105 · Ability to compile a shared object payload
nomisec
WORKING POC
by kali-guru · poc
https://github.com/kali-guru/Pwnkit-CVE-2021-4034
This repository contains a Python script that automates the compilation and execution of a known PwnKit (CVE-2021-4034) exploit for local privilege escalation. The script compiles a C-based PoC and executes it to attempt privilege escalation, verifying success by checking root access and reading files in the root directory.
Classification
Working Poc 90%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
GCC installed · CVE-2021-4034-poc.c file present in the same directory
nomisec
WORKING POC
by Z3R0space · poc
https://github.com/Z3R0space/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in Polkit's pkexec component. The exploit leverages improper environment variable handling to achieve arbitrary code execution as root via a crafted shared object and gconv-modules file.
Classification
Working Poc 100%
Target:
Polkit (pkexec) on Unix-like systems
No auth needed
Prerequisites:
Local access to the target system · GCC compiler installed
nomisec
WORKING POC
by Z3R0-0x30 · local
https://github.com/Z3R0-0x30/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in Polkit's pkexec component. The exploit leverages improper environment variable handling to achieve arbitrary code execution as root via a crafted shared object and gconv-modules file.
Classification
Working Poc 100%
Target:
Polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to the target system · GCC compiler installed
nomisec
WORKING POC
by AsierEgana · local
https://github.com/AsierEgana/cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation via environment variable manipulation and a malicious shared library.
Classification
Working Poc 95%
Target:
polkit pkexec (versions before 0.120)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
by ikerSandoval003 · local
https://github.com/ikerSandoval003/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and uses a malicious shared library to spawn a root shell.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
by marcosChoucino · poc
https://github.com/marcosChoucino/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), demonstrating local privilege escalation via environment variable manipulation in pkexec. The attack involves setting malicious environment variables to trigger arbitrary code execution.
Classification
Working Poc 90%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec version
nomisec
WORKING POC
by igonzalez357 · local
https://github.com/igonzalez357/CVE-2021-4034-PwnKit-
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), demonstrating a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation to load a malicious shared library, granting root access.
Classification
Working Poc 100%
Target:
Polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
by nagorealbisu · local
https://github.com/nagorealbisu/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
by 12bijaya · local
https://github.com/12bijaya/CVE-2021-4034-PwnKit-
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), which leverages a vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and creates a malicious shared library to gain root access.
Classification
Working Poc 95%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
Local access to the target system · gcc installed for compilation
nomisec
STUB
by dh4r4 · poc
https://github.com/dh4r4/PwnKit-CVE-2021-4034-
The repository contains only a minimal README with no exploit code or technical details. It claims to be a rewrite of the Polkit vulnerability but lacks any substantive content.
Target:
Polkit
No auth needed
nomisec
WORKING POC
by EuJin03 · local
https://github.com/EuJin03/CVE-2021-4034-PoC
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
Local access to a vulnerable system · pkexec installed
nomisec
STUB
by zxybfq · poc
https://github.com/zxybfq/CVE-2021-4034
The repository contains only a README.md file with minimal content (just the CVE identifier) and no exploit code or technical details. It appears to be a placeholder or incomplete repository.
Target:
unknown
No auth needed
nomisec
WORKING POC
by ps-interactive · local
https://github.com/ps-interactive/lab_cve-2021-4034-polkit-emulation-and-detection
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to achieve root access.
Classification
Working Poc 95%
Target:
polkit (pkexec) version 0.105
No auth needed
Prerequisites:
Local access to a vulnerable system · Ability to compile and execute Python code
nomisec
WORKING POC
by evkl1d · local
https://github.com/evkl1d/CVE-2021-4034
This is a functional Python exploit for CVE-2021-4034 (PwnKit), leveraging environment variable manipulation and a malicious shared object to achieve local privilege escalation via pkexec. The exploit follows the original C implementation by blasty, using ctypes to call execve() with crafted environment variables.
Classification
Working Poc 95%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Ability to write files in a directory where pkexec is executed
nomisec
WRITEUP
by LucasPDiniz · local
https://github.com/LucasPDiniz/CVE-2021-4034
This repository provides a detailed technical analysis of CVE-2021-4034 (PwnKit), explaining the out-of-bounds write vulnerability in pkexec due to improper argument handling, which allows local privilege escalation. It includes a walkthrough of the exploit mechanism and references an external exploit script.
Classification
Writeup 95%
Target:
Polkit (pkexec) versions 0.105 and earlier
No auth needed
Prerequisites:
Local access to a vulnerable Linux system with Polkit installed
nomisec
WORKING POC
by X-Projetion · local
https://github.com/X-Projetion/Exploiting-PwnKit-CVE-2021-4034-
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Presence of pkexec in /usr/bin/
nomisec
WORKING POC
by supportingmx · poc
https://github.com/supportingmx/cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared object to gain root privileges.
Classification
Working Poc 95%
Target:
polkit (pkexec) on various Linux distributions
No auth needed
Prerequisites:
Local access to a vulnerable system · Ability to execute commands
nomisec
WORKING POC
by Part01-Pai · poc
https://github.com/Part01-Pai/Polkit-Permission-promotion-compiled
This repository contains a compiled exploit for CVE-2021-4034, a local privilege escalation vulnerability in Polkit's pkexec. The exploit leverages improper environment variable handling to execute arbitrary code with root privileges via a malicious shared library (pwnkit.so).
Classification
Working Poc 95%
Target:
Polkit (pkexec) on systems with glibc 2.23 (e.g., Ubuntu 16.04.7)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable Polkit version
nomisec
WRITEUP
by ASG-CASTLE · poc
https://github.com/ASG-CASTLE/CVE-2021-4034
The repository describes CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec utility due to incorrect handling of environment variables, allowing arbitrary code execution. It lacks actual exploit code but provides a technical overview of the vulnerability.
Classification
Writeup 80%
Target:
polkit pkexec (version not specified)
No auth needed
Prerequisites:
Local access to the target system · pkexec installed and vulnerable
nomisec
WORKING POC
by FancySauce · local
https://github.com/FancySauce/PwnKit-CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
pkexec (PolicyKit) version 0.105
No auth needed
Prerequisites:
gcc compiler on the target system · SUID binary /usr/bin/pkexec present
nomisec
WORKING POC
by Pol-Ruiz · local
https://github.com/Pol-Ruiz/CVE-2021-4034
This repository contains functional exploit code for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages improper environment variable handling to execute arbitrary code with root privileges.
Classification
Working Poc 95%
Target:
pkexec (part of polkit) on Linux systems
No auth needed
Prerequisites:
Local access to a vulnerable Linux system with pkexec installed
nomisec
WORKING POC
by cerodah · local
https://github.com/cerodah/CVE-2021-4034
This repository contains a functional proof-of-concept exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to a vulnerable Linux system with polkit installed · GCC compiler to build the shared library
nomisec
WORKING POC
by JohnGilbert57 · local
https://github.com/JohnGilbert57/CVE-2021-4034-Capture-the-flag
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation (LPE) via environment variable manipulation and malicious gconv-modules configuration.
Classification
Working Poc 95%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
by asepsaepdin · local
https://github.com/asepsaepdin/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec utility. The exploit leverages incorrect handling of environment variables to execute arbitrary code with elevated privileges.
Classification
Working Poc 100%
Target:
polkit's pkexec (versions before the fix)
No auth needed
Prerequisites:
gcc · make · access to a vulnerable system
nomisec
WORKING POC
by pyhrr0 · poc
https://github.com/pyhrr0/pwnkit
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious gconv module to gain root privileges.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Local access to the target system · Presence of pkexec binary
nomisec
WORKING POC
by fei9747 · local
https://github.com/fei9747/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec) < 0.120
No auth needed
Prerequisites:
Access to a vulnerable system with pkexec installed · Ability to compile C code
nomisec
WORKING POC
by galoget · local
https://github.com/galoget/PwnKit-CVE-2021-4034
This repository contains a functional proof-of-concept exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Local access to the target system · gcc installed on the target system
nomisec
WORKING POC
by toecesws · poc
https://github.com/toecesws/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The PHP script appears to be an obfuscated payload designed to exploit the vulnerability by manipulating environment variables to achieve root access.
Classification
Working Poc 95%
Target:
polkit (pkexec) versions before 0.120
No auth needed
Prerequisites:
Local access to a vulnerable system · Presence of pkexec in the target system
nomisec
WORKING POC
by antoinenguyen-09 · local
https://github.com/antoinenguyen-09/CVE-2021-4034
This repository contains functional exploit code for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious gconv module to gain root privileges.
Classification
Working Poc 100%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
Local access to a vulnerable system · gcc and make for compilation
nomisec
WORKING POC
by Geni0r · poc
https://github.com/Geni0r/cve-2021-4034-poc
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec) versions before 0.120
No auth needed
Prerequisites:
Local access to the target system · gcc installed
nomisec
WORKING POC
by Silencecyber · poc
https://github.com/Silencecyber/cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation via environment variable manipulation and a malicious shared library. The exploit creates a fake gconv module directory and executes pkexec with crafted environment variables to trigger the vulnerability.
Classification
Working Poc 95%
Target:
polkit pkexec (version < 0.122)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
nomisec
WORKING POC
by HellGateCorp · local
https://github.com/HellGateCorp/pwnkit
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious gconv module to gain root access.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
Local access to a vulnerable system · Presence of pkexec binary
nomisec
WORKING POC
by CronoX1 · local
https://github.com/CronoX1/CVE-2021-4034
This exploit leverages CVE-2021-4034 (PwnKit) to achieve local privilege escalation by manipulating environment variables and abusing pkexec's handling of the GCONV_PATH variable. It compiles a shared library to spawn a root shell and modifies system configurations to grant sudo privileges to a specified user.
Classification
Working Poc 95%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to the target system · GCC or equivalent compiler to build the exploit
nomisec
SUSPICIOUS
by TanmoyG1800 · poc
https://github.com/TanmoyG1800/CVE-2021-4034
The repository contains no exploit code or technical details, only a vague README with a claim to 'get root.' This is characteristic of a social engineering lure.
Classification
Suspicious 90%
Target:
unknown
No auth needed
nomisec
WORKING POC
by 0x4ndy · local
https://github.com/0x4ndy/CVE-2021-4034-PoC
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Local access to a vulnerable system · Presence of pkexec binary
nomisec
WORKING POC
by TotallyNotAHaxxer · local
https://github.com/TotallyNotAHaxxer/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 95%
Target:
polkit's pkexec (versions before 0.120)
No auth needed
Prerequisites:
Local access to the target system · Presence of pkexec binary
nomisec
WORKING POC
by tzwlhack · local
https://github.com/tzwlhack/CVE-2021-4034
This is a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and the GCONV_PATH to execute arbitrary code with root privileges.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
Local access to a vulnerable system · pkexec installed
vulncheck_xdb
WORKING POC
remote
https://github.com/milot/dissecting-pkexec-cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.120)
No auth needed
Prerequisites:
Local access to the target system · gcc compiler to compile the exploit
vulncheck_xdb
WORKING POC
remote
https://github.com/0x05a/my-cve-2021-4034-poc
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging environment variable manipulation to achieve local privilege escalation via pkexec. The exploit creates a malicious gconv module and executes it with elevated privileges.
Classification
Working Poc 95%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
local access to the target system · ability to compile and execute the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/deep-know/CVE-2021-4034
This repository contains functional exploit code for CVE-2021-4034, a local privilege escalation vulnerability in Polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
Polkit (pkexec) versions 0.92 to 0.120
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
vulncheck_xdb
WORKING POC
local
https://github.com/TomSgn/CVE-2021-4034
This is a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and GCONV_PATH to execute arbitrary code with root privileges.
Classification
Working Poc 95%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
local access to the target system · pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/nel0x/pwnkit-vulnerability
The repository contains a functional exploit for CVE-2021-4034, a memory corruption vulnerability in Polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges on vulnerable systems.
Classification
Working Poc 100%
Target:
Polkit pkexec (default configuration)
No auth needed
Prerequisites:
gcc · vulnerable pkexec binary · write permissions in the current directory
vulncheck_xdb
WORKING POC
local
https://github.com/edsonjt81/CVE-2021-4034-Linux
This repository contains a functional proof-of-concept exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit's pkexec (versions before the fix)
No auth needed
Prerequisites:
gcc · access to a vulnerable system with pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/ITMarcin2211/Polkit-s-Pkexec-CVE-2021-4034
This repository contains a functional proof-of-concept exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and the gconv module to gain root privileges.
Classification
Working Poc 100%
Target:
polkit's pkexec (versions before the patch)
No auth needed
Prerequisites:
gcc · access to a vulnerable system with pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/defhacks/cve-2021-4034
This repository contains a functional Rust-based exploit for CVE-2021-4034 (PwnKit), which leverages environment variable manipulation and a malicious shared library to achieve local privilege escalation via pkexec. The exploit includes a setup script to download a vulnerable version of pkexec and prepares the necessary files for exploitation.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.105-26ubuntu1.2)
No auth needed
Prerequisites:
vulnerable pkexec binary · ability to compile Rust code · write access to a directory where the malicious library can be placed
vulncheck_xdb
WORKING POC
local
https://github.com/Jesrat/make_me_root
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
gcc · local access to the vulnerable system
vulncheck_xdb
WORKING POC
local
https://github.com/Squirre17/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation via environment variable manipulation and a malicious shared library.
Classification
Working Poc 100%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
gcc · access to a vulnerable system with pkexec
vulncheck_xdb
WORKING POC
local
https://github.com/movvamrocks/PwnKit-CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
vulncheck_xdb
WORKING POC
local
https://github.com/Tanmay-N/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
access to a vulnerable system with pkexec installed · ability to compile and execute the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/LJP-TW/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in polkit's pkexec to achieve local privilege escalation via environment variable manipulation and a malicious shared library.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · compilation of the malicious shared library
vulncheck_xdb
WORKING POC
local
https://github.com/ck00004/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared object to gain root privileges.
Classification
Working Poc 95%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
vulncheck_xdb
WORKING POC
local
https://github.com/x04000/AutoPwnkit
This repository contains a Python script that automates the exploitation of CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The script provides a menu-driven interface to fetch, compile, and execute the exploit, as well as host an HTTP server for file transfer.
Classification
Working Poc 90%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to a vulnerable Linux system with pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/DanaEpp/pwncat_pwnkit
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit automates the compilation and execution of a malicious shared library to gain root privileges.
Classification
Working Poc 95%
Target:
polkit (pkexec)
Auth required
Prerequisites:
Local access to a vulnerable system · pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/an0n7os/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · compilation tools (gcc, make)
vulncheck_xdb
WORKING POC
local
https://github.com/FDlucifer/Pwnkit-go
This repository contains a functional Go-based exploit for CVE-2021-4034 (PwnKit), which achieves local privilege escalation via a vulnerability in polkit's pkexec. The exploit dynamically sets up a malicious GCONV_PATH environment variable to execute arbitrary code as root, and includes a bind shell for post-exploitation.
Classification
Working Poc 95%
Target:
polkit's pkexec (versions before the patch)
No auth needed
Prerequisites:
local access to a vulnerable system · pkexec binary present and vulnerable
vulncheck_xdb
WORKING POC
local
https://github.com/Joffr3y/Polkit-CVE-2021-4034-HLP
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · gcc and make for compilation
vulncheck_xdb
WORKING POC
local
https://github.com/drapl0n/pwnKit
This repository provides a USB-Rubber-Ducky payload that exploits CVE-2021-4034 (pwnKit) for local privilege escalation on Unix-like systems. It includes two payload variations (online/offline) to compile and execute the exploit, spawning a root shell.
Classification
Working Poc 90%
Target:
polkit (pkexec) on Unix-like systems
No auth needed
Prerequisites:
physical access or USB-Rubber-Ducky deployment · victim system with vulnerable polkit version
vulncheck_xdb
WORKING POC
local
https://github.com/G01d3nW01f/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), which is a local privilege escalation vulnerability in pkexec. The script compiles a C-based exploit into a shared object file and serves it via an HTTP server for remote retrieval.
Classification
Working Poc 95%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
gcc · network access to serve the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/Ankit-Ojha16/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
local access to the target system · compilation tools (gcc, make)
vulncheck_xdb
WORKING POC
local
https://github.com/HrishitJoshi/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious gconv module to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
gcc · vulnerable pkexec binary
vulncheck_xdb
WORKING POC
local
https://github.com/scent2d/PoC-CVE-2021-4034
This PoC exploits CVE-2021-4034 (PwnKit) by manipulating the GCONV_PATH environment variable to execute arbitrary code with root privileges via pkexec. It creates a malicious shared library and leverages improper environment variable handling in polkit's pkexec.
Classification
Working Poc 100%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
gcc · presence of pkexec on the system
vulncheck_xdb
WORKING POC
local
https://github.com/teelrabbit/Polkit-pkexec-exploit-for-Linux
This is a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in Polkit's pkexec. It leverages environment variable manipulation and a malicious shared library to gain root access via improper handling of the GCONV_PATH variable.
Classification
Working Poc 100%
Target:
Polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
gcc · local user access
vulncheck_xdb
WORKING POC
local
https://github.com/Almorabea/pkexec-exploit
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a crafted shared library to achieve root access.
Classification
Working Poc 95%
Target:
polkit's pkexec (versions before the patch)
No auth needed
Prerequisites:
local access to the target system · ability to compile and execute Python scripts
vulncheck_xdb
WORKING POC
local
https://github.com/navisec/CVE-2021-4034-PwnKit
This repository contains a functional Nim-based exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit pkexec (CVE-2021-4034)
No auth needed
Prerequisites:
Local access to a vulnerable system · Presence of pkexec binary
vulncheck_xdb
WORKING POC
local
https://github.com/0x01-sec/CVE-2021-4034-
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 95%
Target:
polkit's pkexec (versions before 0.122)
No auth needed
Prerequisites:
gcc · access to a vulnerable system
vulncheck_xdb
WORKING POC
local
https://github.com/OXDBXKXO/ez-pwnkit
This repository contains a functional Go-based exploit for CVE-2021-4034 (PwnKit), leveraging a malicious shared library to achieve local privilege escalation via pkexec. The exploit uses environment variable manipulation and a crafted gconv module to execute arbitrary commands as root.
Classification
Working Poc 95%
Target:
pkexec (polkit)
No auth needed
Prerequisites:
Access to a vulnerable system with pkexec installed · Ability to write files to a temporary directory
vulncheck_xdb
WORKING POC
local
https://github.com/TW-D/PwnKit-Vulnerability_CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit pkexec (version 0.105)
No auth needed
Prerequisites:
gcc · access to a vulnerable Linux system with pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/v-rzh/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging an environment variable manipulation vulnerability in pkexec to achieve local privilege escalation. The exploit includes detailed technical analysis in the README, explaining the root cause and the role of the GIO_USE_VFS environment variable.
Classification
Working Poc 100%
Target:
polkit pkexec (versions prior to commit daf3d5c2d15466a267221fcb099c59c870098e03)
No auth needed
Prerequisites:
Access to a vulnerable system with pkexec installed · Ability to compile and execute the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/glowbase/PwnKit-CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec utility. The exploit leverages environment variable manipulation to execute arbitrary code with elevated privileges, including a compiled C exploit and a shell script for user creation and password setting.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.105-26ubuntu1.1 and 0.117-2)
No auth needed
Prerequisites:
local access to the target system · gcc compiler for building the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/Kirill89/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in Polkit's pkexec. The exploit leverages environment variable manipulation to inject a malicious shared library, which is then executed with root privileges.
Classification
Working Poc 100%
Target:
Polkit (policykit-1) versions 0.105-26ubuntu1 and earlier
No auth needed
Prerequisites:
Local access to a vulnerable system · GCC to compile the exploit components
vulncheck_xdb
WORKING POC
local
https://github.com/Rvn0xsy/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation to execute arbitrary code with root privileges, adding a new user 'rooter' with sudo access.
Classification
Working Poc 95%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
Local access to the target system · Presence of pkexec binary
vulncheck_xdb
WORKING POC
local
https://github.com/oreosec/pwnkit
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit manipulates environment variables and leverages a malicious gconv module to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · gcc compiler
vulncheck_xdb
WORKING POC
local
https://github.com/Yakumwamba/POC-CVE-2021-4034
This repository contains a functional proof-of-concept exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the vulnerable system · gcc to compile the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/JoyGhoshs/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges via pkexec.
Classification
Working Poc 100%
Target:
polkit's pkexec (versions before the fix)
No auth needed
Prerequisites:
gcc · access to a vulnerable system · network connectivity for reverse shell (optional)
vulncheck_xdb
WORKING POC
local
https://github.com/jpmcb/pwnkit-go
This repository contains a functional Go-based exploit for CVE-2021-4034 (PwnKit), which leverages a memory corruption vulnerability in pkexec to achieve local privilege escalation. The exploit creates a malicious shared library and manipulates environment variables to execute arbitrary code as root.
Classification
Working Poc 100%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
gcc · vulnerable polkit version
vulncheck_xdb
WORKING POC
local
https://github.com/pengalaman-1t/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · vulnerable version of polkit
vulncheck_xdb
WORKING POC
local
https://github.com/EstamelGG/CVE-2021-4034-NoGCC
This repository contains functional exploit code for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The PoC leverages environment variable manipulation and a crafted shared object to achieve root access.
Classification
Working Poc 95%
Target:
polkit (pkexec), versions before 0.120
No auth needed
Prerequisites:
local access to the target system · compiler to build the PoC
vulncheck_xdb
WORKING POC
local
https://github.com/Fato07/Pwnkit-exploit
This repository contains multiple functional exploits for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploits leverage environment variable manipulation and malicious shared libraries to gain root access.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
Local access to the target system · gcc or equivalent compiler for building the shared library
vulncheck_xdb
WORKING POC
local
https://github.com/deoxykev/CVE-2021-4034-Rust
This repository contains a functional Rust implementation of the CVE-2021-4034 (PwnKit) local privilege escalation exploit. It leverages the vulnerability in polkit's pkexec to gain root access by manipulating environment variables and creating malicious shared objects in /dev/shm.
Classification
Working Poc 100%
Target:
polkit (pkexec) before 2022-01-12
No auth needed
Prerequisites:
pkexec with SUID bit set · unpatched system (pre-2022-01-12)
vulncheck_xdb
WORKING POC
local
https://github.com/DosAmp/pkwned
This repository contains a functional proof-of-concept exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation (LPE) via manipulation of the GCONV_PATH environment variable and a malicious gconv module. The exploit includes multiple components such as a FUSE filesystem to bypass logging and a payload executor to gain root privileges.
Classification
Working Poc 100%
Target:
pkexec (polkit) on systems with vulnerable glibc
No auth needed
Prerequisites:
vulnerable version of pkexec · glibc with vulnerable g_find_program_in_path · ability to compile and execute the exploit components
vulncheck_xdb
WORKING POC
local
https://github.com/Plethore/CVE-2021-4034
This Python script exploits CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. It compiles a shared object file to manipulate environment variables and execute arbitrary commands with root privileges.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
gcc · local access to the target system
vulncheck_xdb
WORKING POC
local
https://github.com/luckythandel/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in polkit's pkexec to achieve local privilege escalation via environment variable manipulation and a malicious gconv module.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
gcc · access to a vulnerable system with pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/NiS3x/CVE-2021-4034
This repository contains a functional Proof of Concept (PoC) for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit's pkexec (versions before the fix)
No auth needed
Prerequisites:
gcc · access to a vulnerable system with pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/nikip72/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared library to achieve root access.
Classification
Working Poc 95%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
local access to the target system · ability to write files in a directory
vulncheck_xdb
WORKING POC
local
https://github.com/ashutoshrohilla/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
local access to the target system · gcc installed
vulncheck_xdb
WORKING POC
local
https://github.com/Al1ex/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit's pkexec (versions before the patch)
No auth needed
Prerequisites:
Local access to the target system · Presence of vulnerable pkexec binary
vulncheck_xdb
WORKING POC
local
https://github.com/callrbx/pkexec-lpe-poc
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in pkexec. The exploit leverages a race condition and environment variable manipulation to execute arbitrary code as root.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
gcc · make · access to a vulnerable system
vulncheck_xdb
WORKING POC
local
https://github.com/vilasboasph/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the vulnerable system · compilation tools (make, gcc)
vulncheck_xdb
WORKING POC
local
https://github.com/phvilasboas/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
access to a vulnerable system with pkexec installed · ability to compile and execute the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/Anonymous-Family/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit's pkexec (versions before 0.122)
No auth needed
Prerequisites:
gcc · access to a vulnerable system
vulncheck_xdb
WORKING POC
local
https://github.com/luijait/PwnKit-Exploit
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a memory corruption vulnerability in pkexec to achieve local privilege escalation (LPE) by manipulating environment variables and executing arbitrary code with root privileges.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
Access to a vulnerable system with pkexec installed · Ability to compile and execute the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/joeammond/CVE-2021-4034
This repository contains a functional Python exploit for CVE-2021-4034 (PwnKit), which leverages a vulnerability in polkit's pkexec to achieve local privilege escalation. The exploit uses environment variable manipulation and a crafted shared library to execute arbitrary code as root.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · ability to execute Python scripts
vulncheck_xdb
WORKING POC
local
https://github.com/robemmerson/CVE-2021-4034
This repository contains functional exploit code for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The PoC leverages environment variable manipulation and the GCONV_PATH mechanism to execute arbitrary code as root.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.105-26ubuntu1.1)
No auth needed
Prerequisites:
vulnerable version of polkit/pkexec · local user access
vulncheck_xdb
WORKING POC
local
https://github.com/whokilleddb/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages an out-of-bounds write in argv[] to gain root privileges by manipulating environment variables and loading a malicious shared library.
Classification
Working Poc 100%
Target:
polkit pkexec (all versions)
No auth needed
Prerequisites:
local access to a vulnerable system · pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/sunny0day/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), which leverages a vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and creates a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
local access to the target system · gcc installed
vulncheck_xdb
WORKING POC
local
https://github.com/PeterGottesman/pwnkit-exploit
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable injection and a malicious shared object to gain root privileges.
Classification
Working Poc 100%
Target:
pkexec (polkit)
No auth needed
Prerequisites:
vulnerable version of pkexec · local access to the system
vulncheck_xdb
WORKING POC
local
https://github.com/fdellwing/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit (pkexec) versions before 0.105-26ubuntu1.1
No auth needed
Prerequisites:
gcc · build-essential · vulnerable polkit version
vulncheck_xdb
WORKING POC
local
https://github.com/san3ncrypt3d/CVE-2021-4034-POC
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit's pkexec (versions before the fix)
No auth needed
Prerequisites:
local access to the target system · gcc installed
vulncheck_xdb
WORKING POC
local
https://github.com/c3l3si4n/pwnkit
This repository contains a functional proof-of-concept exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit manipulates environment variables and leverages a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · gcc compiler installed
vulncheck_xdb
WORKING POC
local
https://github.com/moldabekov/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), which leverages a vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and file paths to execute arbitrary code with root privileges, specifically removing the SUID bit from /usr/bin/pkexec.
Classification
Working Poc 95%
Target:
polkit pkexec (version < 0.122)
No auth needed
Prerequisites:
local access to the target system · pkexec installed with SUID bit set
vulncheck_xdb
WORKING POC
local
https://github.com/aus-mate/CVE-2021-4034-POC
This repository contains a functional local privilege escalation (LPE) exploit for CVE-2021-4034 (PwnKit). The exploit leverages a vulnerability in pkexec to execute arbitrary code with root privileges by manipulating environment variables and the GCONV_PATH mechanism.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
gcc · access to a vulnerable system
vulncheck_xdb
WORKING POC
local
https://github.com/LukeGix/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and the GCONV_PATH to execute arbitrary code with elevated privileges.
Classification
Working Poc 100%
Target:
pkexec (polkit)
No auth needed
Prerequisites:
local access to the target system · pkexec SUID binary present
vulncheck_xdb
WORKING POC
local
https://github.com/Nero22k/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit (pkexec)
No auth needed
Prerequisites:
local access to the target system · compilation of the shared library (ezpwn.so)
vulncheck_xdb
WORKING POC
local
https://github.com/N1et/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
polkit pkexec (version before 0.120)
No auth needed
Prerequisites:
local access to the target system · gcc compiler
vulncheck_xdb
WORKING POC
local
https://github.com/kimusan/pkwner
This repository contains functional exploit code for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in Polkit's pkexec. The PoC leverages environment variable manipulation and a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
Polkit pkexec (versions before the fix)
Auth required
Prerequisites:
Local user access · Presence of vulnerable pkexec binary
vulncheck_xdb
WORKING POC
local
https://github.com/Immersive-Labs-Sec/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in Polkit's pkexec. The exploit manipulates environment variables and leverages a malicious gconv module to execute arbitrary code with elevated privileges.
Classification
Working Poc 100%
Target:
Polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
Local access to the target system · GCC compiler to build the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/zhzyker/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared object to gain root privileges.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
local access to the target system · gcc compiler to build the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/wongwaituck/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging an out-of-bounds write in pkexec to achieve local privilege escalation via environment variable manipulation and LD_PRELOAD injection.
Classification
Working Poc 100%
Target:
polkit pkexec (all versions)
No auth needed
Prerequisites:
gcc · make · access to a vulnerable system with pkexec
vulncheck_xdb
WORKING POC
local
https://github.com/ayypril/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and uses a malicious shared library to gain root access.
Classification
Working Poc 95%
Target:
pkexec (polkit)
No auth needed
Prerequisites:
gcc · access to a vulnerable system with pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/An00bRektn/CVE-2021-4034
This repository contains a functional Go implementation of CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The exploit leverages an out-of-bounds write and environment variable manipulation to execute arbitrary code as root.
Classification
Working Poc 100%
Target:
polkit (pkexec) before version 0.120
No auth needed
Prerequisites:
Local access to a vulnerable system · pkexec with SUID bit set
vulncheck_xdb
WORKING POC
local
https://github.com/Ayrx/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a race condition in pkexec to achieve local privilege escalation (LPE) by manipulating environment variables and executing a malicious shared library.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
gcc · presence of pkexec on the target system
vulncheck_xdb
WORKING POC
local
https://github.com/mebeim/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in Polkit's pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
Polkit pkexec (policykit-1 <= 0.105-31)
No auth needed
Prerequisites:
Vulnerable pkexec binary · GCC for compilation
vulncheck_xdb
WORKING POC
local
https://github.com/nikaiw/CVE-2021-4034
This is a functional exploit for CVE-2021-4034 (PwnKit), leveraging a vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and the GCONV_PATH to execute arbitrary code with root privileges.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
Local access to the target system · Presence of pkexec on the system
vulncheck_xdb
WORKING POC
local
https://github.com/dzonerzy/poc-cve-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious gconv module to execute arbitrary code as root.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
Local access to a vulnerable system · pkexec installed
vulncheck_xdb
WORKING POC
local
https://github.com/Audiobahn/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
local access to the target system · gcc to compile the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/gbrsh/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034 (PwnKit), leveraging a memory corruption vulnerability in pkexec to achieve local privilege escalation. The exploit manipulates environment variables and uses a malicious shared library to gain root access.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
local access to the target system · gcc compiler to build the exploit
vulncheck_xdb
WORKING POC
local
https://github.com/clubby789/CVE-2021-4034
This PoC exploits CVE-2021-4034 (PwnKit) by manipulating environment variables to execute arbitrary code via pkexec. It creates a malicious shared object and gconv-modules file to achieve local privilege escalation.
Classification
Working Poc 100%
Target:
polkit (pkexec) on Linux systems
No auth needed
Prerequisites:
Local access to the target system · Presence of pkexec binary
vulncheck_xdb
WORKING POC
local
https://github.com/ryaagard/CVE-2021-4034
This repository contains a functional exploit for CVE-2021-4034, a local privilege escalation vulnerability in pkexec. The exploit leverages environment variable manipulation and a malicious shared library to gain root privileges.
Classification
Working Poc 100%
Target:
pkexec (part of polkit)
No auth needed
Prerequisites:
local access to the target system · pkexec installed
metasploit
WORKING POC
EXCELLENT
by Qualys Security, Andris Raugulis, Dhiraj Mishra, bwatters-r7 · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2021_4034_pwnkit_lpe_pkexec.rb
This Metasploit module exploits CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. It leverages improper environment variable handling to execute arbitrary code as root.
Classification
Working Poc 100%
Target:
polkit pkexec (versions before 0.122)
No auth needed
Prerequisites:
Local access to a vulnerable system · pkexec binary with setuid bit set