
CVE-2021-4034 PoC — polkit buffer error vulnerability

Associated Vulnerability
Title: polkit buffer error vulnerability (CVE-2021-4034)
Description: A local privilege escalation vulnerability was found in polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according to predefined policies. The current version of pkexec doesn't handle the calling parameter count correctly and ends up trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way that pkexec is induced to execute arbitrary code. When successfully executed, the attack can cause a local privilege escalation, giving unprivileged users administrative rights on the target machine.
Description
This repository contains ZAARA's implementation of the exploit for CVE-2021-4034 (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. This tool demonstrates advanced exploitation techniques while maintaining operational security.
Readme
# PwnKit Exploit - CVE-2021-4034
**Local Privilege Escalation in polkit's pkexec**

![Python](https://img.shields.io/badge/python-3.6+-blue.svg)
![Platform](https://img.shields.io/badge/platform-linux-lightgrey.svg)
![License](https://img.shields.io/badge/license-MIT-green.svg)
![CVE](https://img.shields.io/badge/CVE-2021--4034-critical.svg)

## 🔥 THINK SMART. HACK SAFE. STAY HIDDEN.

## 📖 Overview

This repository contains my implementation of the exploit for **CVE-2021-4034** (PwnKit), a local privilege escalation vulnerability in polkit's pkexec. The vulnerability allows unprivileged users to gain root privileges on vulnerable Linux systems.

**Author**: **ZAARA** - Founder of **Team-Phazto**

## 🚨 Vulnerability Details

- **CVE ID**: CVE-2021-4034
- **CVSS Score**: 7.8 (High)
- **Affected Versions**: polkit from 2009 to January 2022
- **Vector**: Local Privilege Escalation
- **Component**: polkit's pkexec

## 🛠️ Installation

```bash
git clone https://github.com/zaaraZiof0/pwnkit-exploit-CVE.git
cd pwnkit-exploit-CVE
chmod +x zaara_pwnkit.py
```

## 🎯 Usage

### Basic Exploitation
```bash
python3 zaara_pwnkit.py
```

### Stealth Mode
```bash
python3 zaara_pwnkit.py --stealth
```

### Vulnerability Assessment
```bash
python3 zaara_pwnkit.py --recon
```

### Help Menu
```bash
python3 zaara_pwnkit.py --help
```

## 📁 Files

- `zaara_pwnkit.py` - Main exploit script
- `phazto_helper.c` - C version helper
- `team_phazto_detector.py` - Vulnerability detector
- `requirements.txt` - Python dependencies

## 🔍 Features

- ✅ **Stealth Operation** - Minimal footprint
- ✅ **Auto-detection** - System vulnerability assessment
- ✅ **Multiple Payloads** - Adaptive exploitation methods
- ✅ **Clean Execution** - Automated cleanup
- ✅ **Error Handling** - Robust operation

## 🧪 Compatibility

**Tested Environments**:
- Ubuntu 18.04/20.04/22.04
- CentOS 7/8
- Debian 10/11
- Kali Linux 2021+

**Requirements**:
- Python 3.6+
- GCC compiler
- Linux operating system

## 🛡️ Mitigation

### System Hardening
```bash
# Workaround until the package is patched: strip the setuid bit.
# Note that pkexec can then no longer grant privileges to anyone,
# legitimate uses included; verify the mode again after upgrading.
sudo chmod 0755 /usr/bin/pkexec

# Real fix: install the patched polkit package (Debian/Ubuntu package name shown)
sudo apt update && sudo apt upgrade policykit-1
```
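To verify that the workaround above is actually in place on a host, the following script checks the mode and owner of pkexec and reports whether it is still setuid-root. This is an added example written here for the mitigation step; it is not part of the repository described on this page (which ships its own `team_phazto_detector.py`). The candidate install paths are an assumption; adjust them for your distribution.

```python
"""Defender-side check: has the setuid workaround for CVE-2021-4034 been applied to pkexec?"""
import os
import stat
from typing import Iterable, List, Tuple

# Assumed locations where distributions install pkexec (hypothetical list, not from the page).
PKEXEC_CANDIDATES = ("/usr/bin/pkexec", "/usr/local/bin/pkexec", "/bin/pkexec")


def classify(mode: int, uid: int) -> str:
    """Classify a pkexec binary from its st_mode and owner uid.

    'setuid-root'    -> the chmod 0755 workaround is NOT applied; an unpatched
                        polkit in this state is exposed to CVE-2021-4034
    'setuid-nonroot' -> setuid to a non-root user; unusual, worth investigating
    'no-setuid'      -> workaround applied (or pkexec never installed setuid);
                        pkexec cannot grant privileges to anyone in this state
    """
    if mode & stat.S_ISUID:
        return "setuid-root" if uid == 0 else "setuid-nonroot"
    return "no-setuid"


def check_pkexec(paths: Iterable[str] = PKEXEC_CANDIDATES) -> List[Tuple[str, str]]:
    """Stat each candidate path that exists and return (path, classification) pairs."""
    findings: List[Tuple[str, str]] = []
    for path in paths:
        try:
            st = os.stat(path)
        except OSError:
            # Missing path or no permission to stat it: nothing to report here.
            continue
        if not stat.S_ISREG(st.st_mode):
            continue
        findings.append((path, classify(st.st_mode, st.st_uid)))
    return findings


def needs_attention(findings: Iterable[Tuple[str, str]]) -> bool:
    """True if any pkexec copy still carries a setuid bit."""
    return any(state != "no-setuid" for _, state in findings)


if __name__ == "__main__":
    results = check_pkexec()
    if not results:
        print("pkexec not found in candidate locations")
    for found_path, state in results:
        print(f"{found_path}: {state}")
    raise SystemExit(1 if needs_attention(results) else 0)
```

The mode check only tells you whether the temporary workaround is present. Once the patched polkit package is installed, a setuid-root pkexec is again the normal and expected state, so pair this check with the package version from your distribution's advisory rather than treating "setuid-root" alone as a finding.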

## ⚠️ Legal & Ethical Notice

**Authorized Use Only**:
- Penetration testing with written permission
- Security research and education
- Defensive security training

**⚠️ WARNING**: Unauthorized use of this tool is illegal. The author is not responsible for any misuse.

## 👥 Team-Phazto

**Founder**: ZAARA  
**Mission**: Advanced cybersecurity research and ethical tradecraft development.

---

**ZAARA**  
**THINK SMART. HACK SAFE. STAY HIDDEN.**
File Snapshot

[4.0K] /data/pocs/2a6f4a61677c19948f42825debd00bee8dcbb2a1
├── [1.1K] LICENCE
├── [2.8K] phazto_helper.c
├── [2.6K] README.md
├── [ 230] requirements.txt
├── [6.1K] team_phazto_detector.py
└── [9.4K] zaara_pwnkit.py

1 directory, 6 files