authorJason A. Donenfeld <Jason@zx2c4.com>2011-10-05 05:12:18 -0400
committerJason A. Donenfeld <Jason@zx2c4.com>2011-10-05 05:12:18 -0400
commit2fac6419b42c7bd4bef069afc2a0456491afc0dd (patch)
tree5ebeb5b5daa3b25e262ce103717ed2912d84d25a
parentoopsie. (diff)
downloadCVE-2011-1485-2fac6419b42c7bd4bef069afc2a0456491afc0dd.tar.xz
CVE-2011-1485-2fac6419b42c7bd4bef069afc2a0456491afc0dd.zip
Add targets.
-rw-r--r--polkit-pwnage.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/polkit-pwnage.c b/polkit-pwnage.c
index 9d11ef9..6f513b7 100644
--- a/polkit-pwnage.c
+++ b/polkit-pwnage.c
@@ -52,6 +52,13 @@
* uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm)
* sh-4.2#
*
+ * ** Targets **
+ * This exploit is known to work on polkit-1 <= 0.101. However, Ubuntu, which
+ * as of writing uses 0.101, has backported 0.102's bug fix. A way to check
+ * this is by looking at the mtime of /usr/bin/pkexec -- April 22, 2011 or
+ * later and you're out of luck. It's likely other distributions do the same.
+ * Fortunately, this exploit is clean enough that you can try it out without
+ * too much collateral.
*
*
* greets to djrbliss and davidz25.
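Review bot: The mtime of /usr/bin/pkexec, which the added Targets paragraph offers as the way to tell a backported fix from a vulnerable 0.101 build, is not a dependable signal. A file timestamp can change on a package rebuild, a restore from backup, or a manual touch, and the April 22, 2011 date is stated only for Ubuntu. Since the comment itself notes that the upstream version number does not reflect backports, patch status is better confirmed from the distribution's package changelog or security tracker entry for CVE-2011-1485, e.g. `* Confirm patch status from the distro's polkit package changelog entry for CVE-2011-1485; the binary's mtime is only a hint.` The addition also leaves two consecutive empty `*` lines before the greets line. The header comment begins and ends outside this hunk.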
@@ -69,7 +76,7 @@
#include <sys/types.h>
#include <sys/inotify.h>
-int main(int argc, char **argv)
+int main(int argc, char **argv)
{
printf("=============================\n");
printf("= PolicyKit Pwnage =\n");