Task 1- Info Introduction and Deploy
- Deploy the machine by clicking on the green “Deploy” button at the top of this task!
Answer-No Need Answer
Task 2- Tutorial Exploit Background
2.Read the information in the task and understand how Dirty Pipe works.
Answer-No Need Answer
Task 3 -Practical A Weaponised PoC
3.Follow along with the steps described in the task if you haven’t already done so.
Answer-No Need Answer
3.1.Switch user (su) into your newly created root account.
What is the flag found in the /root/flag.txt file?
Answer- THM{MmU4Zjg0NDdjNjFiZWM5ZjUyZGEyMzlm}
3.2.As mentioned previously, we have accidentally overwritten other user accounts by exploiting Dirty Pipe in this manner. This could cause issues for the server; thus, as professionals, we must clean up after our exploits.
Using your root shell, restore the original /etc/passwd file from your backup.
Answer-No Need Answer
Task 4-Practical Bonus Task A Second Exploit
4.Exploit the target using bl4sty’s exploit for Dirty Pipe
Answer-No Need Answer
4.1.Make sure to clean up after yourself!
Remove the SUID binary created by the script (/tmp/sh).
Answer-No Need Answer
4.2.[Optional] Find another exploit for this vulnerability online. Review the code to ensure that it does what it claims to do, then upload it to the target and attempt to exploit the vulnerability a third way.
Answer-No Need Answer
Task 5- Info Conclusion
5.I understand the Dirty Pipe vulnerability!
Answer-No Need Answer
