đŸ–„ïžPwnkit: CVE-2021-4034

Interactive lab for exploiting and remediating Pwnkit (CVE-2021-4034) in the Polkit package

https://tryhackme.com/room/pwnkit
Room Attributes
Value

Subscription Required

False [Free]

Type

Walkthrough

Difficulty

Info

Tags

Polkit, Pwnkit, Linux, CVE-2021-4034

Task 1 - Info Introduction and Deploy!

Deploy the machine by clicking on the green "Deploy" button at the top of this task!

Task 2 - Tutorial Background

Is Pwnkit exploitable remotely (Aye/Nay)?

Reveal Flag đŸš©

đŸš©Nay

In which Polkit utility does the Pwnkit vulnerability reside?

Reveal Flag đŸš©

đŸš©pkexec

Task 3 - Practical Exploitation

Read through the cve-2021-4034-poc.c file and try to understand how it works. See if you can match this up with the Qualys security advisory and the explanation given in the previous task!

Exploit the vulnerability! What is the flag located at /root/flag.txt?

Reveal Flag đŸš©

đŸš©THM{CONGRATULATIONS-YOU-EXPLOITED-PWNKIT}

[Bonus Question — Optional] Using the Qualys advisory and the repository linked in the task, try to write your own version of the Pwnkit exploit.

Task 4 - Tutorial Remediations

Read the remediations task

Patch the vulnerability on any Linux devices that you manage!

Task 5 - Info Conclusion

I understand and can use Pwnkit!

Last updated