๐ฅ๏ธPwnkit: CVE-2021-4034
Interactive lab for exploiting and remediating Pwnkit (CVE-2021-4034) in the Polkit package
Task 1 - Info Introduction and Deploy!
Deploy the machine by clicking on the green "Deploy" button at the top of this task!
No answer needed
Task 2 - Tutorial Background
Is Pwnkit exploitable remotely (Aye/Nay)?
In which Polkit utility does the Pwnkit vulnerability reside?
Task 3 - Practical Exploitation
Read through the cve-2021-4034-poc.c
file and try to understand how it works. See if you can match this up with the Qualys security advisory and the explanation given in the previous task!
cve-2021-4034-poc.c
file and try to understand how it works. See if you can match this up with the Qualys security advisory and the explanation given in the previous task!No answer needed
Exploit the vulnerability! What is the flag located at /root/flag.txt
?
/root/flag.txt
?[Bonus Question โ Optional] Using the Qualys advisory and the repository linked in the task, try to write your own version of the Pwnkit exploit.
No answer needed
Task 4 - Tutorial Remediations
Read the remediations task
No answer needed
Patch the vulnerability on any Linux devices that you manage!
No answer needed
Task 5 - Info Conclusion
I understand and can use Pwnkit!
No answer needed
Last updated