### [CVE-2021-3560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560)
![](https://img.shields.io/static/v1?label=Product&message=polkit&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=polkit%200.119%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863&color=brightgreen)

### Description

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

### POC

#### Reference
- http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html
- https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

#### Github
- https://github.com/0dayNinja/CVE-2021-3560
- https://github.com/0x7n6/OSCP
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xZipp0/OSCP
- https://github.com/0xfke/500-free-TryHackMe-rooms
- https://github.com/0xkarthi/Tryhackme-Roadmap
- https://github.com/0xneobyte/TryHackMe-Learning-Path-From-Beginner-to-Expert
- https://github.com/0xsmirk/vehicle-kernel-exploit
- https://github.com/0xsyr0/OSCP
- https://github.com/5thphlame/Free-Rooms-TryHackMe
- https://github.com/AMatheusFeitosaM/OSCP-Cheat
- https://github.com/ARESHAmohanad/THM
- https://github.com/ARESHAmohanad/tryhackme
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Abdulaziz-AlZabin/IEEE_Questions
- https://github.com/Aijoo100/Aijoo100
- https://github.com/AlienTec1908/Drippingblues_HackMyVM_Easy
- https://github.com/Almorabea/Polkit-exploit
- https://github.com/AnastasiaLomova/PR1
- https://github.com/AnastasiaLomova/PR1.1
- https://github.com/AnonymousCTF/TryHackMe-Roadmap
- https://github.com/AnthonyArena95/Cyber-Kill-Chain
- https://github.com/Antoine-MANTIS/POC-Bash-CVE-2021-3560
- https://github.com/AssassinUKG/Polkit-CVE-2021-3560
- https://github.com/BEPb/tryhackme
- https://github.com/Bhagat-CyberWala/TryHackMe-Free-Roadmap
- https://github.com/BigMike-Champ/Capstone
- https://github.com/BizarreLove/CVE-2021-3560
- https://github.com/ButchBytes-sec/TryHackMe
- https://github.com/CharonDefalt/linux-exploit
- https://github.com/CybVulnHunter/TryhackME_Rooms
- https://github.com/Daniel-Ayz/OSCP
- https://github.com/DarknessAdvances/model_search2
- https://github.com/DaveLak/oxasploits
- https://github.com/DelphineTan/CVE-Research-Writeups
- https://github.com/DelphineTan/DelphineTan
- https://github.com/Desm0ndChan/OSCP-cheatsheet
- https://github.com/Desofori/Tryhackme-RoadMap
- https://github.com/Dh4v4l8/TRYHACKME-ROOMS
- https://github.com/DrewSC13/Linpeas
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/EnriqueSanchezdelVillar/NotesHck
- https://github.com/Faizan-Khanx/OSCP
- https://github.com/FirikiIntelligence/Courses
- https://github.com/GibzB/THM-Captured-Rooms
- https://github.com/HadessCS/Awesome-Privilege-Escalation
- https://github.com/Hunterdii/TryHackMe-Roadmap
- https://github.com/Hunterdii/tryhackme-free-rooms
- https://github.com/Ignitetechnologies/Linux-Privilege-Escalation
- https://github.com/KerFew/TryHackMeFreePath
- https://github.com/Kiosec/Linux-Exploitation
- https://github.com/Kyyomaa/CVE-2021-3560-EXPLOIT
- https://github.com/LucasPDiniz/CVE-2021-3560
- https://github.com/LucasPDiniz/StudyRoom
- https://github.com/Ly0nt4r/OSCP
- https://github.com/MandipJoshi/CVE-2021-3560
- https://github.com/Mangesh-Bhattacharya/TryHackMe-Roadmap
- https://github.com/MelvinM8/OSCP
- https://github.com/Meowmycks/OSCPprep-Cute
- https://github.com/Meowmycks/OSCPprep-Sar
- https://github.com/Meowmycks/OSCPprep-hackme1
- https://github.com/MinLouisCyber/500-free-TryHackMe-rooms
- https://github.com/Mohammed-Hafeez-99/THM-checklist
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/NeonWhiteRabbit/CVE-2021-3560
- https://github.com/NovaSystems123/polkadots
- https://github.com/NxPnch/Linux-Privesc
- https://github.com/OlegBr04/Traitor
- https://github.com/Ossito/pentest-notes
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Pratham-verma/TryHackMe-Roadmap
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/Qwertozavr/PR1_3
- https://github.com/Qwertozavr/PR1_3.2
- https://github.com/Qwertozavr/PR1_TRPP
- https://github.com/RACHO-PRG/Linux_Escalada_Privilegios
- https://github.com/ReflectedThanatos/OSCP-cheatsheet
- https://github.com/RicterZ/CVE-2021-3560-Authentication-Agent
- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories
- https://github.com/STEALTH-Z/CVE-2021-3560
- https://github.com/SYRTI/POC_to_review
- https://github.com/SantoriuHen/NotesHck
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/Shayanschakravarthy/tryhackme-free-rooms
- https://github.com/Shinbatsu/awesome-tryhackme
- https://github.com/Shinbatsu/tryhackme-awesome
- https://github.com/SinMaven/BugSauce
- https://github.com/SirElmard/ethical_hacking
- https://github.com/Snoopy-Sec/Localroot-ALL-CVE
- https://github.com/SpriteCT/TryHackMe
- https://github.com/StivSha/HTB-Paper-ITA
- https://github.com/TieuLong21Prosper/CVE-2021-3560
- https://github.com/Tom-Riddle-4/IEEE_Questions
- https://github.com/TomMalvoRiddle/CVE-2021-3560
- https://github.com/UNICORDev/exploit-CVE-2021-3560
- https://github.com/Valay-2004/THM-Learning-PATH-Beginner-to-Expert-
- https://github.com/VishuGahlyan/OSCP
- https://github.com/WhooAmii/POC_to_review
- https://github.com/WilliamQ28/Worst-autoLinPrivesc
- https://github.com/WinMin/CVE-2021-3560
- https://github.com/XinLiu2025/openkylinsat
- https://github.com/aancw/polkit-auto-exploit
- https://github.com/aasphixie/aasphixie.github.io
- https://github.com/admin-079/CVE-2021-3560
- https://github.com/adnan-kutay-yuksel/tryhackme-all-rooms-database
- https://github.com/akyuksel/tryhackme-all-rooms-database
- https://github.com/anquanscan/sec-tools
- https://github.com/arcslash/exploit_CVE-2021-3560
- https://github.com/asepsaepdin/CVE-2021-1732
- https://github.com/asepsaepdin/CVE-2021-3560
- https://github.com/asepsaepdin/CVE-2021-4034
- https://github.com/asepsaepdin/CVE-2023-22809
- https://github.com/axelmierczuk/privesc
- https://github.com/balajiuk14/tryhackmelearningpath
- https://github.com/beycanyildiz/TryHackMeRoadmap
- https://github.com/bhagat8920/TryHackMe-Free-Roadmap
- https://github.com/binganao/vulns-2022
- https://github.com/boniyeamincse/tryhackmefreeroom
- https://github.com/chandanmallick19/TryHackMe
- https://github.com/chenaotian/CVE-2021-3560
- https://github.com/chorankates/Blunder
- https://github.com/chorankates/Photobomb
- https://github.com/chorankates/RedPanda
- https://github.com/cpu0x00/CVE-2021-3560
- https://github.com/curtishoughton/CVE-2021-3560
- https://github.com/dasarivarunreddy/Tryhackme-RoadMap
- https://github.com/dasarivarunreddy/free-rooms-tryhackme
- https://github.com/e-hakson/OSCP
- https://github.com/edsonjt81/Linux-Privilege-Escalation
- https://github.com/edwinantony1995/Tryhackme
- https://github.com/eljosep/OSCP-Guide
- https://github.com/ellaking94/polkadots
- https://github.com/elouatih/securite_devoirs
- https://github.com/exfilt/CheatSheet
- https://github.com/f4T1H21/CVE-2021-3560-Polkit-DBus
- https://github.com/fazilbaig1/oscp
- https://github.com/hakivvi/CVE-2021-3560
- https://github.com/hktalent/bug-bounty
- https://github.com/huike007/penetration_poc
- https://github.com/huisetiankong478/penetration_poc
- https://github.com/iSTAR-Lab/CVE-2021-3560_PoC
- https://github.com/iSTARLabs/CVE-2021-3560_PoC
- https://github.com/imsalimansari/Try-Hack-Me-Roadmap
- https://github.com/innxrmxst/CVE-2021-3560
- https://github.com/ishowcybersecurity/TryHackMe-Beginner-Roadmap
- https://github.com/jaspreet-infosec/TryHackMe-Roadmap
- https://github.com/jenriquezv/OSCP-Cheat-Sheets
- https://github.com/jitmondal1/OSCP
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/k46th1/Tryhackme-Roadmap
- https://github.com/k4r7h1kn/Tryhackme-Roadmap
- https://github.com/k4r7hx/Tryhackme-Roadmap
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/khulnasoft-lab/awesome-security
- https://github.com/khulnasoft-labs/awesome-security
- https://github.com/krazystar55/tryhackme
- https://github.com/liamg/traitor
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/manas3c/CVE-POC
- https://github.com/markyu0401/CVE-2021-3560-Polkit-Privilege-Escalation
- https://github.com/merlinepedra/TRAITOR
- https://github.com/merlinepedra25/TRAITOR
- https://github.com/mikefak/XDR-PoC
- https://github.com/mr-nobody20/CVE-2021-3560
- https://github.com/n0-traces/cve_monitor
- https://github.com/n3onhacks/CVE-2021-3560
- https://github.com/nanasarpong024/tryhackme
- https://github.com/nisadevi11/Localroot-ALL-CVE
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/ochysbliss/My-Tryhackme-
- https://github.com/omaradds1/THM
- https://github.com/onlypwns/htb-writeup
- https://github.com/oscpname/OSCP_cheat
- https://github.com/oxagast/oxasploits
- https://github.com/pakkiraja/TryHackMe_Modules
- https://github.com/parth45/cheatsheet
- https://github.com/pashayogi/ROOT-CVE-2021-3560
- https://github.com/pentestfunctions/thm-room-points
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/puckiestyle/CVE-2021-4034
- https://github.com/qiushan996/PentestWriteups
- https://github.com/reptile0bug/Tryhackme-RoadMap
- https://github.com/revanmalang/OSCP
- https://github.com/rexpository/linux-privilege-escalation
- https://github.com/rishabatra1802/TryHackMe_FreeRooms
- https://github.com/rng70/TryHackMe-Roadmap
- https://github.com/secnigma/CVE-2021-3560-Polkit-Privilege-Esclation
- https://github.com/sengpakrenha/tryhackeme
- https://github.com/smile-e3/vehicle-kernel-exploit
- https://github.com/soosmile/POC
- https://github.com/stormshadow-ops/Local-Privileges-Escalation
- https://github.com/swapravo/polkadots
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/tharushkadinujaya05/TryHackMe-Learning-Path-From-Beginner-to-Expert
- https://github.com/thebugbounter/TryHackMe-Roadmap
- https://github.com/thesakibrahman/THM-Free-Room
- https://github.com/thmrevenant/tryhackme
- https://github.com/thr10en4/htb-writeup
- https://github.com/titusG85/SideWinder-Exploit
- https://github.com/trhacknon/Pocingit
- https://github.com/tufanturhan/Polkit-Linux-Priv
- https://github.com/txuswashere/OSCP
- https://github.com/tyyu3/mitre_example
- https://github.com/uttambodara/TryHackMeRoadmap
- https://github.com/valescaalvesc/HTB-PAPER-CTF
- https://github.com/vankhangk4/linpeas.sh
- https://github.com/whoami-chmod777/Hacking-Articles-Linux-Privilege-Escalation-
- https://github.com/whoforget/CVE-POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xAKSx/TryHackMe
- https://github.com/xhref/OSCP
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve
- https://github.com/zhanpengliu-tencent/medium-cve