Advertisement
Python253

is_dirty_pipe

Apr 22nd, 2024 (edited)
968
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 3.00 KB | None | 0 0
  1. #!/usr/bin/env python
  2. # -*- coding: utf-8 -*-
  3. # Filename: is_dirty_pipe.py
  4. # Version: 1.00
  5. # Author: Jeoi Reqi
  6.  
  7. """
  8. This script checks if the system is vulnerable to the Dirty Pipe exploit (CVE-2022-0847).
  9. It attempts to exploit the vulnerability by writing one byte to a specified file at offset 1.
  10. If the write operation fails due to a permission error, the system is considered vulnerable.
  11. Otherwise, it is assumed to be not vulnerable.
  12.  
  13. Requirements:
  14. - Python 3.x
  15. - Linux (as the Dirty Pipe exploit specifically targets the Linux kernel)
  16.  
  17. Functions:
  18.    is_vulnerable(path):
  19.        Check if the system is vulnerable to the Dirty Pipe exploit by attempting
  20.        to write one byte to the specified file at offset 1.
  21.  
  22.    main():
  23.        The main function of the script. Calls is_vulnerable function and prints
  24.        the vulnerability status.
  25.  
  26. Usage:
  27.    To use this script, simply run it from the command line:
  28.    $ python is_dirty_pipe.py
  29.  
  30. Additional Notes:
  31. - This script does not actually exploit the vulnerability but rather tests
  32.  for its presence by attempting to perform a write operation.
  33. - It assumes that a permission error indicates vulnerability to the Dirty Pipe exploit.
  34. - It is important to run this script with appropriate permissions, as it attempts to
  35.  write to a file which might require elevated privileges.
  36. """
  37.  
  38. # Obscure the Linux-specific file path
  39. Is_ = "/et"
  40. dirt = "c/sha"
  41. y_Pi = "d"
  42. pe = "ow"
  43. FILE_PATH = (
  44.     Is_ + dirt + y_Pi + pe
  45. )  # Obscured Linux user login password hashes are stored here.
  46.  
  47.  
  48. def is_vulnerable(path):
  49.     """
  50.    Check if the system is vulnerable to the Dirty Pipe exploit.
  51.  
  52.    This function attempts to write one byte to the specified file at offset 1.
  53.    If the write operation fails due to a permission error, the system is considered vulnerable.
  54.    Otherwise, it is assumed to be not vulnerable.
  55.  
  56.    Args:
  57.        path (str): The path to the file to be checked for vulnerability.
  58.  
  59.    Returns:
  60.        bool: True if the system is vulnerable, False otherwise.
  61.    """
  62.     try:
  63.         # Open the file in read-only mode
  64.         with open(path, "rb") as f:
  65.             # Attempt to write one byte at offset 1
  66.             f.seek(1)
  67.             f.write(b"\x00")
  68.         return False  # If write succeeds, the system is not vulnerable
  69.     except PermissionError:
  70.         return True  # If write fails due to permission error, system is vulnerable
  71.     except Exception as e:
  72.         print(f"Error occurred:\n - {e} -\n\t   Are you running a Linux machine?\n")
  73.         return False  # If any other error occurs, assume system is not vulnerable
  74.  
  75.  
  76. def main():
  77.     """
  78.    The main function of the script.
  79.  
  80.    Calls is_vulnerable function and prints the vulnerability status.
  81.    """
  82.     if is_vulnerable(FILE_PATH):
  83.         print("System is vulnerable to Dirty Pipe exploit (CVE-2022-0847)")
  84.     else:
  85.         print("System is not vulnerable to Dirty Pipe exploit (CVE-2022-0847)")
  86.  
  87.  
  88. if __name__ == "__main__":
  89.     main()
  90.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement