Chains
TTPs
Blog
Login
Prelude chain browser
LPE in polkit (CVE-2021-4034)
This technique is a Local Privilege Escalation in polkit's pkexec enabling a user to spawn a root shell. The vulnerability is present in all major distros since May 2009. PoC by @bl4sty - https://haxx.in/files/blasty-vs-pkexec.c
2022-01-26
Community
This is a community attack chain. Download Prelude Operator to use this chain for free.
Authors:
vvx7
Execute this chain
Download Operator (1.7.1)
Learn about Operator
TTPs
Spawn elevated Pneuma via CVE-2021-4034
Tactics
Privilege-escalation
Other chains in this theme
Spring4Shell
2022-04-21
Initial Access via Spring4Shell Exploit
Dirty Pipe CVE-2022-0847
2022-03-14
Allows an attacker to modify arbitrary read-only files.
Log4j Infrastructure
2022-01-13
Stand up infrastructure to exploit CVE-2021-44228.