Precompiled builds for CVE-2021-4034.
Of course you shouldn't trust precompiled builds :)
This release works slightly different: first a minimal shared object is created. This object is packaged into the main binary and dropped upon execution. Musl is used for compilation to minimize dependencies (e.g. specific libc versions maybe?)
- Original advisory by Qualys: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
- Berdav's (Davide Berardi) poc: https://github.com/berdav/CVE-2021-4034
- Blasty's (
[email protected]
) poc: https://haxx.in/files/blasty-vs-pkexec2.c
If you want to build it yourself, modify the targets
file to include the architectures that you need. Then run build.sh
.
You will need Docker.