darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update 1_system_information.sh

Browse Source 
More robust implementation of pkexec binary modification time check with integer comparison instead of date regex grep.

1642035600 == Thursday, January 13, 2022 1:00:00 AM
Which is when it was first patched. We have to check this way because the polkit version number is the same, patched & unpatched.
This commit is contained in:
Kevin Pham 2022-02-02 21:30:43 -08:00 committed by GitHub
parent db89a779ad
commit f3495c48e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
linPEAS/builder/linpeas_parts/1_system_information.sh
View File

@ -22,7 +22,7 @@ fi
echo ""
#-- SY) CVE-2021-4024
if [ `command -v pkexec` ] && stat -c '%a' $(which pkexec) | grep -q 4755 && (stat -c '%y' $(which pkexec) | grep -qvE "2[0-9][2-9][3-9]-|2022-[0-1][2-9]-0[0-9]|2022-01-[2-3][0-9]|2022-01-1[2-9]" ) ; then
if [ `command -v pkexec` ] && stat -c '%a' $(which pkexec) | grep -q 4755 && [ "$(stat -c '%Y' $(which pkexec))" -lt "1642035600" ]; then
echo "Vulnerable to CVE-2021-4024 (polkit privesc)" | sed -${E} "s,.*,${SED_RED_YELLOW},"
fi