Polkit Authentication Bypass Local Privesc Vulnerability

This paper explains the exploitation of the authentication bypass vulnerability found in polkit, which allows an unprivileged user to call privileged methods by taking root access using dbus.

Key Pointers:

• Understanding the vulnerability and the key terms used throughout the paper
• Understanding how the exploit works
• Taking a look at the severity and scope of impact of this vulnerability
• Setting up the lab for exploitation
• Exploiting the vulnerability and learning how to mitigate it