Y

YouLibs

Remove Touch Overlay

How Hackers Use PwnKit to Get Root Access in Seconds

Duration: 10:26Views: 33.2KLikes: 1.3KDate Created: Feb, 2022

Channel: Hak5

Tags: snubs cyber security information security shannon morse technology pentesting hack darren kitchen hak5 hack5 hacker pentester red team infosec penetration testing pentest

Description: PwnKit is a Linux exploit that makes privilege escalation trvial for hackers. On this episode of HakByte, @Alex Lynd demonstrates how a 3 second keystroke injection attack can be used to establish a root session on Linux, due to a flaw in the built-in Linux authorization tool called Pkexec. This episode features a DuckyScript capable WiFi Nugget project called the RubberNugget, which allows you to run keystroke injection attacks through a simple hardware interface w/ built in buttons & screen. -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Support the Show! Pick up a WiFi Nugget - wifinugget.com Links: RubberNugget Payload Repository: github.com/HakCat-Tech/RubberNugget RubberNugget Project Page: wifinugget.com/RubberNugget Alex's GitHub: github.com/AlexLynd Alex's Twitter: twitter.com/AlexLynd Alex's Website: alexlynd.com Alex's Youtube: @Alex Lynd -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Chapters: Intro @Alex Lynd : 00:00 What is PolicyKit? 00:17 What is the PwnKit Exploit? 00:42 PwnKit Demo Outline 01:04 Follow Along! 01:14 Understanding Pkexec 01:25 Pkexec Parameter Flaw 03:17 How PwnKit Works 04:22 Keystroke Attack Scope + Setup 05:19 RubberNugget Software 05:48 Payload Overview 06:24 ATTACK DEMO 08:16 PwnKit Implications 09:04 Learn More! 09:35 Outro 10:09 Bloopers 10:19 Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005: -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → hak5.org Shop → hakshop.myshopify.com Subscribe → youtube.com/user/Hak5Darren?sub_confirmation=1 Support → patreon.com/threatwire Contact Us → twitter.com/hak5 Threat Wire RSS → shannonmorse.podbean.com/feed Threat Wire iTunes → itunes.apple.com/us/podcast/threat-wire/id1197048999 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.