### [CVE-2021-3560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560)
![](https://img.shields.io/static/v1?label=Product&message=polkit&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863&color=brighgreen)

### Description

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

### POC

#### Reference
- http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html
- https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

#### Github
- https://github.com/0dayNinja/CVE-2021-3560
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xZipp0/OSCP
- https://github.com/0xsmirk/vehicle-kernel-exploit
- https://github.com/0xsyr0/OSCP
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Almorabea/Polkit-exploit
- https://github.com/AnastasiaLomova/PR1
- https://github.com/AnastasiaLomova/PR1.1
- https://github.com/AssassinUKG/Polkit-CVE-2021-3560
- https://github.com/BigMike-Champ/Capstone
- https://github.com/BizarreLove/CVE-2021-3560
- https://github.com/CharonDefalt/linux-exploit
- https://github.com/Desm0ndChan/OSCP-cheatsheet
- https://github.com/DrewSC13/Linpeas
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/GibzB/THM-Captured-Rooms
- https://github.com/HadessCS/Awesome-Privilege-Escalation
- https://github.com/Ignitetechnologies/Linux-Privilege-Escalation
- https://github.com/Kyyomaa/CVE-2021-3560-EXPLOIT
- https://github.com/LucasPDiniz/CVE-2021-3560
- https://github.com/LucasPDiniz/StudyRoom
- https://github.com/Ly0nt4r/OSCP
- https://github.com/Meowmycks/OSCPprep-Cute
- https://github.com/Meowmycks/OSCPprep-Sar
- https://github.com/Meowmycks/OSCPprep-hackme1
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/NxPnch/Linux-Privesc
- https://github.com/OlegBr04/Traitor
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Qwertozavr/PR1_3
- https://github.com/Qwertozavr/PR1_3.2
- https://github.com/Qwertozavr/PR1_TRPP
- https://github.com/RACHO-PRG/Linux_Escalada_Privilegios
- https://github.com/RicterZ/CVE-2021-3560-Authentication-Agent
- https://github.com/STEALTH-Z/CVE-2021-3560
- https://github.com/SYRTI/POC_to_review
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/SirElmard/ethical_hacking
- https://github.com/Snoopy-Sec/Localroot-ALL-CVE
- https://github.com/TieuLong21Prosper/CVE-2021-3560
- https://github.com/TomMalvoRiddle/CVE-2021-3560
- https://github.com/UNICORDev/exploit-CVE-2021-3560
- https://github.com/WhooAmii/POC_to_review
- https://github.com/WinMin/CVE-2021-3560
- https://github.com/aancw/polkit-auto-exploit
- https://github.com/aasphixie/aasphixie.github.io
- https://github.com/anquanscan/sec-tools
- https://github.com/asepsaepdin/CVE-2021-1732
- https://github.com/asepsaepdin/CVE-2021-3560
- https://github.com/asepsaepdin/CVE-2021-4034
- https://github.com/asepsaepdin/CVE-2023-22809
- https://github.com/axelmierczuk/privesc
- https://github.com/binganao/vulns-2022
- https://github.com/chenaotian/CVE-2021-3560
- https://github.com/chorankates/Blunder
- https://github.com/chorankates/Photobomb
- https://github.com/chorankates/RedPanda
- https://github.com/cpu0x00/CVE-2021-3560
- https://github.com/curtishoughton/CVE-2021-3560
- https://github.com/e-hakson/OSCP
- https://github.com/edsonjt81/Linux-Privilege-Escalation
- https://github.com/eljosep/OSCP-Guide
- https://github.com/elouatih/securite_devoirs
- https://github.com/f4T1H21/CVE-2021-3560-Polkit-DBus
- https://github.com/hakivvi/CVE-2021-3560
- https://github.com/hktalent/bug-bounty
- https://github.com/huike007/penetration_poc
- https://github.com/iSTAR-Lab/CVE-2021-3560_PoC
- https://github.com/iSTARLabs/CVE-2021-3560_PoC
- https://github.com/innxrmxst/CVE-2021-3560
- https://github.com/jenriquezv/OSCP-Cheat-Sheets
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/khulnasoft-lab/awesome-security
- https://github.com/khulnasoft-labs/awesome-security
- https://github.com/liamg/traitor
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/manas3c/CVE-POC
- https://github.com/markyu0401/CVE-2021-3560-Polkit-Privilege-Escalation
- https://github.com/merlinepedra/TRAITOR
- https://github.com/merlinepedra25/TRAITOR
- https://github.com/mikefak/XDR-PoC
- https://github.com/mr-nobody20/CVE-2021-3560
- https://github.com/n3onhacks/CVE-2021-3560
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/onlypwns/htb-writeup
- https://github.com/oscpname/OSCP_cheat
- https://github.com/oxagast/oxasploits
- https://github.com/pashayogi/ROOT-CVE-2021-3560
- https://github.com/puckiestyle/CVE-2021-4034
- https://github.com/revanmalang/OSCP
- https://github.com/rexpository/linux-privilege-escalation
- https://github.com/secnigma/CVE-2021-3560-Polkit-Privilege-Esclation
- https://github.com/smile-e3/vehicle-kernel-exploit
- https://github.com/soosmile/POC
- https://github.com/stormshadow-ops/Local-Privileges-Escalation
- https://github.com/swapravo/polkadots
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/thesakibrahman/THM-Free-Room
- https://github.com/thr10en4/htb-writeup
- https://github.com/trhacknon/Pocingit
- https://github.com/tufanturhan/Polkit-Linux-Priv
- https://github.com/txuswashere/OSCP
- https://github.com/tyyu3/mitre_example
- https://github.com/valescaalvesc/HTB-PAPER-CTF
- https://github.com/whoami-chmod777/Hacking-Articles-Linux-Privilege-Escalation-
- https://github.com/whoforget/CVE-POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xhref/OSCP
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve