Three Pages This week’s issue for discussion is a very old bug in the Linux polkit package,? which is a local privilege escalat

Three Pages

This week's issue for discussion is a very old bug in the Linux polkit package,  which is a local privilege escalation attack against the 'pkexec' program.

This was actually discovered back in 2013 – https://ryiron.wordpress.com/2013/12/16/argv-silliness/ (Links to an external site.) – but wasn't really understood to be exploitable at that time. One axiom of security is that security flaws only get worse with time, and this is a perfect example. An oddity in pkexec was found by Qualys to be exploitable. https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034 (Links to an external site.)

Read the blog above, and discuss how factual it is.  For example, is polkit actually installed by default everywhere? What's the impact of this issue? What does it allow someone to do if polkit is in fact installed? What mitigations are available to remove the impact?

Part 2

Use the research sources and tools described in Chapter 1 and the lecture slides to collect what information you can on a company of your choice. Prepare a short report (no more than 4-5 pages) and deliver by the next class.

Please use a tool such as Maltego or Recon-NG to create your report – these are available from Kali.

Important: This is a footprinting exercise, NOT a scanning exercise. Passive lookups only!