Closed jm33-m0 closed 1 year ago
https://github.com/jm33-m0/go-lpe/blob/2d593ea9766bda1a52e9ea1a744eb1b06ef848ac/CVE-2021-4034.go#L99-L104
As it executes execve syscall, current process will get replace by pkexec no matter it will successfully execute payload.so or not. Therefore when this exploit fails to call payload.so, calling process emp3r0r will die.
execve
pkexec
payload.so
emp3r0r
See https://github.com/jm33-m0/emp3r0r/issues/250
jm33-m0
commented
1 year ago
https://github.com/jm33-m0/go-lpe/blob/2d593ea9766bda1a52e9ea1a744eb1b06ef848ac/CVE-2021-4034.go#L99-L104
As it executes
execvesyscall, current process will get replace bypkexecno matter it will successfully executepayload.soor not. Therefore when this exploit fails to callpayload.so, calling processemp3r0rwill die.