
Polkit pkexec Local Privilege Escalation

Posted on 03 March 2022

This is a Metasploit module for the argument processing bug in the polkit pkexec binary. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populate the proper environment variables. This exploit is architecture independent.
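The root cause described above, as an added example that is not part of the module or of polkit's source: a simplified C model of an argument scan that assumes `argc` is at least 1, beside a guarded version that rejects an empty argument vector. The array layout, function names and sample string are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for the process stack when argc == 0: the argv
 * pointers, their NULL terminator and the envp pointers sit back to back,
 * so the slot after argv[0] is envp[0]. */
static char *constructed_vec[] = {
    NULL,                    /* argv[0]: terminator only, argc == 0 */
    "EXAMPLE_VAR=value",     /* envp[0], also reachable as "argv[1]" */
    NULL                     /* envp terminator */
};

/* Unchecked pattern: the scan starts at index 1 on the assumption that
 * argv[0] holds the program name. With argc == 0 the loop body never runs
 * and argv[1], which is really envp[0], is treated as an argument. */
const char *first_arg_unchecked(int argc, char **argv)
{
    int n;
    for (n = 1; n < argc; n++) {
        if (argv[n][0] != '-')
            break;              /* first non-option argument */
    }
    return argv[n];             /* n is still 1 when argc == 0 */
}

/* Guarded pattern: refuse an empty argument vector before any parsing. */
const char *first_arg_checked(int argc, char **argv)
{
    if (argc < 1 || argv == NULL || argv[0] == NULL)
        return NULL;            /* caller should exit with an error */
    return first_arg_unchecked(argc, argv);
}

int main(void)
{
    const char *a = first_arg_unchecked(0, constructed_vec);
    const char *b = first_arg_checked(0, constructed_vec);
    printf("unchecked: %s\n", a);
    printf("checked:   %s\n", b ? b : "(rejected)");
    return 0;
}
```

The same guard belongs at the top of `main()` in any setuid program, before option parsing touches `argv`.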

 
