How do #Linux #PrivilegeEscalation vulnerabilities based on cache corruption work? (#CopyFail, #DirtyFrag, #DirtyPipe)

https://youtu.be/1rbvUpTI_OY

CopyFail, DirtyFrag and DirtyPipe: anatomy of a cache corruption BUG.

YouTube

And with Dirty Frag, the LPEs on Linux merrily continue.

#DirtyPipe #DirtyFrag #CopyFail #Linux

GitHub - V4bel/dirtyfrag


#RevueDePressive

Today's Linux vulnerability: #DirtyFrag
https://github.com/V4bel/dirtyfrag
A major vulnerability (following #DirtyPipe and #CopyFail)!

Unfortunately, because the embargo was broken, there are no patches available yet!!!

The best option is to remove the affected modules:
sh -c "printf 'install esp4 /bin/false
install esp6 /bin/false
install rxrpc /bin/false
' > /etc/modprobe.d/dirtyfrag.con…

#Linux #Faille #CyberSécurité

https://lesliensde.jeey.net/shaare/Sj8t0A


Happy Monday everyone!

We are going to start this week off with a nice resource in our #readoftheday! If you have yet to hear about Wazuh, now is your chance! It is a free, open-source security platform that protects data assets from threats [2]. In this article, the researchers cover what abusing Living-off-the-Land binaries (LOLBINs) looks like from the perspective of an Ubuntu and Kali Linux endpoint and focus on the #DirtyPipe exploit and the DDexec utility. After walking readers through the emulation, they then discuss how Wazuh helps detect these techniques. It is a good read and a resource I want to get into my own lab to start playing with!

As always, check out the full article and others by Wazuh researchers on their blog and stay tuned for the threat hunting tip of the day! Enjoy and Happy Hunting!

Detecting Living Off the Land attacks with Wazuh
https://wazuh.com/blog/detecting-living-off-the-land-attacks-with-wazuh/

Other reference:
https://github.com/wazuh/wazuh [2]

Intel 471 #CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #Intel471

Detecting Living Off the Land attacks with Wazuh | Wazuh

In this blog post, we explore a Living Off the Land (LOTL) attack that uses legitimate tools, such as cURL and the DDexec utility.

Wazuh

JH7110_VisionFive2_devel: vulnerable to CVE-2022-0847 aka DirtyPipe exploit · Issue #93 · starfive-tech/linux

Hi, A serious flaw still exists and can affect thousands of VF2's deployed so far. Dirtypipe is easily exploitable, allows to overwrite any file in filesystem not normally writable (permissions che...

GitHub

Dirty Pipe: CVE-2022-0847 - I have just completed this room! Check it out: https://tryhackme.com/room/dirtypipe #tryhackme #dirty pipe #CVE-2022-0847 #Linux #Kernel #Privesc #Walkthrough #Tutorial #Beginner #MuirlandOracle #dirty #pipe #dirtypipe via @RealTryHackMe

Dirty Pipe: CVE-2022-0847

Interactive lab for exploiting Dirty Pipe (CVE-2022-0847) in the Linux Kernel

TryHackMe

Very cool writeup about the dirty pipe vulnerability (cve-2022-0847) by Valentin Obst and Martin Clauß

https://lolcads.github.io/posts/2022/06/dirty_pipe_cve_2022_0847/

#Linux #kernel #infosec #cybersec #dirtypipe #cve

Exploration of the Dirty Pipe Vulnerability (CVE-2022-0847)

Intro This blog post reflects our exploration of the Dirty Pipe Vulnerability in the Linux kernel. The bug was discovered by Max Kellermann and described here. If you haven’t read the original publication yet, we’d suggest that you read it first (maybe also twice ;)). While Kellermann’s post is a great resource that contains all the relevant information to understand the bug, it assumes some familiarity with the Linux kernel. To fully understand what’s going on we’d like to shed some light on specific kernel internals.

lolcads tech blog

8-year-old vulnerability found in the Linux kernel

An 8-year-old vulnerability has been found in the Linux kernel, named after the old dirty pipe vulnerability: DirtyCred

Tarnkappe.info

NAS Vendor Says Several of Its Products Likely Contain Linux 'Dirty Pipe' Flaw

QNAP's disclosure this week is the latest reminder of the potentially wide impact of privilege escalation flaw in the Linux kernel.

Dark Reading