CVE-2021-4034 - PwnKit

Share
Embed
  • Published on:  Thursday, January 27, 2022
  • *any action done in the video is only for educational purpose only*

    0:00 - Intro
    0:21 - Viewing repositories & POC
    1:38 - Creating a script to compile & run our exploit for us
    3:02 - Start of simple http.server
    3:10 - Cheking sudo privileges and Ubuntu version
    3:53 - Using curl to get our file from our server to compile and get root on the target machine
    4:30 - Viewing documentation to remove pkexec as a SUID & viewing traces
    5:35 - Trace of exploitation under auth.log
    6:25 - Removing SUID to prevent from someone running this exploit against you, for now

Comment