Enumerating Linux Processes Through LFI

In this post, we’ll be exploring a technique to enumerate Linux processes through a web application vulnerable to LFI (Local File Inclusion). File inclusion vulnerabilities allow attackers to read...

Polkit's Pkexec CVE-2021-4034

This post walks through the PoC and manual patching of the local privilege escalation vulnerability discovered in polkit’s pkexec, dubbed as PwnKit. Contents Exploit confirmed on fully patche...