๐งปDirty Pipe: CVE-2022-0847
Interactive lab for exploiting Dirty Pipe (CVE-2022-0847) in the Linux Kernel
Room Attributes
Value
Subscription Required
False [Free]
Type
Walkthrough
Difficulty
Info
Tags
Dirty Pipe, CVE-2022-0847, Linux, Kernel
Task 1 - Info Introduction and Deploy
Deploy the machine by clicking on the green "Deploy" button at the top of this task!
No answer needed
Task 2 - Tutorial Vulnerability Background
Read the information in the task and understand how Dirty Pipe works.
No answer needed
Task 3 - Practical A Weaponised PoC
Follow along with the steps described in the task if you haven't already done so.
No answer needed
Switch user (su
) into your newly created root account. What is the flag found in the /root/flag.txt
file?
su
) into your newly created root account. What is the flag found in the /root/flag.txt
file?As mentioned previously, we have accidentally overwritten other user accounts by exploiting Dirty Pipe in this manner. This could cause issues for the server; thus, as professionals, we must clean up after our exploits. Using your root shell, restore the original /etc/passwd
file from your backup.
/etc/passwd
file from your backup.No answer needed
Task 4 - Practical Bonus Task A Second Exploit
Exploit the target using bl4sty's exploit for Dirty Pipe
No answer needed
Make sure to clean up after yourself! Remove the SUID binary created by the script (/tmp/sh
).
/tmp/sh
).No answer needed
[Optional] Find another exploit for this vulnerability online. Review the code to ensure that it does what it claims to do, then upload it to the target and attempt to exploit the vulnerability a third way.
No answer needed
Task 5 - Info Conclusion
I understand the Dirty Pipe vulnerability!
No answer needed
Last updated