Elevate your privileges with Polkit.

First, I want to thank MuirlandOracle, who created the room Polkit: CVE-2021-3560 on TryHackMe. I wrote this article after doing the room, to help me better understand this vulnerability and to share the details about it with you.

Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones. Polkit allows a level of control of centralized system policy. It is developed and maintained by David Zeuthen from Red Hat and hosted by the freedesktop.org project.

According to the Polkit…


A Services-based room, extracting information from HTTP services and finding the hidden messages. This room was created by trb143.

Twins (1988)

Based on the Twins film, find the hidden keys.

Julius and Vincent have gone into the SERVICES market to try and get the family back together.
They have just deployed a new version of their code, but Vincent has messed up the deployment!

Can you help their mother find and recover the hidden keys and bring the family and girlfriends back together?

Enumeration

The first thing I did was to scan the IP with NMAP to learn more about the host…


A Beginner level box with basic web enumeration and REST API Fuzzing. This room was created by sidchn.

Bookstore (TryHackMe)

Enumeration

I started my enumeration phase with Nmap to learn more about the host and the technologies which are running on ports.

kaarb0

Information Security
