{"id":28242930,"url":"https://github.com/unicordev/exploit-cve-2021-3560","last_synced_at":"2026-03-05T08:02:45.984Z","repository":{"id":40540711,"uuid":"488025652","full_name":"UNICORDev/exploit-CVE-2021-3560","owner":"UNICORDev","description":"Exploit for CVE-2021-3560 (Polkit) - Local Privilege Escalation","archived":false,"fork":false,"pushed_at":"2022-06-26T16:26:27.000Z","size":79,"stargazers_count":8,"open_issues_count":0,"forks_count":3,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-05T17:38:04.410Z","etag":null,"topics":["cve-2021-3560","exploit","hackthebox","linux","penetration-testing","polkit","proof-of-concept","python","unicord","vulnerability"],"latest_commit_sha":null,"homepage":"https://unicord.dev/exploit-CVE-2021-3560","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/UNICORDev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-05-02T23:56:31.000Z","updated_at":"2024-11-30T21:29:18.000Z","dependencies_parsed_at":"2022-07-27T00:46:54.541Z","dependency_job_id":null,"html_url":"https://github.com/UNICORDev/exploit-CVE-2021-3560","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/UNICORDev/exploit-CVE-2021-3560","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2021-3560","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2021-3560/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2021-3560/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2021-3560/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/UNICORDev","download_url":"https://codeload.github.com/UNICORDev/exploit-CVE-2021-3560/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2021-3560/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30115662,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-05T03:40:26.266Z","status":"ssl_error","status_checked_at":"2026-03-05T03:39:15.902Z","response_time":93,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve-2021-3560","exploit","hackthebox","linux","penetration-testing","polkit","proof-of-concept","python","unicord","vulnerability"],"created_at":"2025-05-19T06:10:00.856Z","updated_at":"2026-03-05T08:02:45.949Z","avatar_url":"https://github.com/UNICORDev.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Exploit for CVE-2021-3560 (Polkit) - Local Privilege Escalation\n\n![GitHub CVE Cover](https://user-images.githubusercontent.com/23003787/172497877-73d7bd84-0dde-411c-af18-03064b459a19.png)\n\n**Like this repo? Give us a ⭐!**\n\n*For educational and authorized security research purposes only.*\n\n## Exploit Author\n[@UNICORDev](https://unicord.dev) by ([@NicPWNs](https://github.com/NicPWNs) and [@Dev-Yeoj](https://github.com/Dev-Yeoj))\n\n## Vulnerability Description\nIt was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\n## Exploit Description\nUse this exploit on a system with vulnerable Polkit software to add a new user with Sudo privileges. Specify a custom username and/or password as CLI arguments, if desired. Once the new user is created, ```su``` to this user and ```sudo su``` for full root privileges.\n\n## Usage\n```bash\n  python3 exploit-CVE-2021–3560.py [-u \u003cusername\u003e -p \u003cpassword\u003e]\n  python3 exploit-CVE-2021–3560.py -h\n```\n\n## Options\n```bash\n  -u    Custom username. Provide username to be created. (Optional)\n  -p    Custom password. Provide password to be configured for user. (Optional)\n  -h    Show this help menu.\n```\n\n## Download\n[Download exploit-CVE-2021-3560.py Here](https://raw.githubusercontent.com/UNICORDev/exploit-CVE-2021-3560/main/exploit-CVE-2021-3560.py)\n\n## Exploit Requirements\n- python3\n- accountsservice\n- gnome-control-center\n- openssl\n- sudo\n\n## Demo\n![zmjijO5](https://user-images.githubusercontent.com/23003787/169427774-e79a6943-d6f3-496c-977c-18a8b1c793fa.gif)\n\n*User in privileged ```wheel``` group.*\n\n## Tested On\nPolkit Version 0.105 (Ubuntu 20.04.2 LTS)\n\n## Applies To\nPolkit Versions 0.0 - 0.118\n\n## Test Environment\n```bash\napt install accountsservice gnome-control-center openssl sudo\n```\n\n## Warning\n⚠️ Running this exploit on a system with a GUI may result in a pop-up password prompt that cannot be closed and may require a full system reboot. You may be able to close this pop-up by clicking \"Cancel\" repeatedly. However, this can fully be avoided if in an SSH or reverse shell session. Simply ```ssh localhost``` to avoid this issue.\n\n## Credits\n- https://nvd.nist.gov/vuln/detail/CVE-2021-3560\n- https://app.hackthebox.com/machines/Paper\n- https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/\n- https://github.com/Almorabea/Polkit-exploit/blob/main/CVE-2021-3560.py\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funicordev%2Fexploit-cve-2021-3560","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Funicordev%2Fexploit-cve-2021-3560","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funicordev%2Fexploit-cve-2021-3560/lists"}