In this post, we’ll be exploring a technique to enumerate Linux processes through a web application vulnerable to LFI (Local File Inclusion). File inclusion vulnerabilities allow attackers to read...

This post walks through the PoC and manual patching of the local privilege escalation vulnerability discovered in polkit’s pkexec, dubbed as PwnKit. Contents Exploit confirmed on fully patche...