Gerard De Las Armas

Jan 27

PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021–4034)

Summary The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by exploiting this vulnerability in its default…

Exploit

2 min read

PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021–4034)

Jan 22

[Hack The Box] Forge— Walkthrough

Summary Forge is a simple box that does not involve any guesswork. It is an introduction to Server-Side Request Forgery (SSRF). The main website allowed access to the admin website via SSRF which led to sensitive information disclosure. …

Hacking

6 min read

Jan 18

BitBucket Tar\\../ersal to Remote Code Execution — CVE-2019–3397

I meant to share this two years ago but I didn’t have the time to do so. I created a script that automates the exploitation of the BitBucket Data Center from path traversal to remote code execution. At the time, there were no available exploits so I created one. Description Atlassian…

Exploit

1 min read

$BitBucket Tar\\../ersal to Remote Code Execution — CVE-2019–3397$

Jan 15

[Hack The Box] Developer — Walkthrough

Summary Developer is a HARD Linux machine that was released on 18th of August 2021. This machine hosts Developer CTF (created using Python and Django) where users can register and solve CTF challenges. …

Hacking

14 min read