All courses
Hamburger Icon
  • Labs icon Lab
  • Security
Google Cloud Platform icon
Labs

CVE-2022-0847 Dirty Pipe: Emulation and Detection

In this lab, you’ll practice vulnerability management by researching, assessing, testing, and mitigating an emerging threat. When you’re finished, you’ll be able to emulate the Dirty Pipe vulnerability, detect attempts to exploit it, and protect your networks and systems.

Get started Contact sales
Google Cloud Platform icon
Labs

Path Info

Level
Clock icon Advanced
Duration
Clock icon 1h 40m
Published
Clock icon Apr 22, 2023

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Getting Started in the Lab Environment

    Just like the universe, your lab is being created from nothing. That can take a couple of minutes, so start here with an explanation of the lab environment and your initial instructions, and you'll be ready to hit the ground running as soon as the sparks stop fizzing off the virtual hard drives.

  2. Challenge

    Emulate

    Determine if the lab system is vulnerable to Dirty Pipe by running a script that checks the Linux kernel version and compares it against known vulnerable versions, then prove that the vulnerability is exploitable by running bleeding edge proof of concept code to gain root access to the system.

  3. Challenge

    Detect

    Create audit rules based on what you’ve learnt about the vulnerability and how it works, to alert on specific system calls.

  4. Challenge

    Protect

    Patch the kernel so that a non-vulnerable version of the splice system call is installed, but retain the original kernel so you carry out further testing.

  5. Challenge

    The Last Challenge

    Welcome to the final challenge! This is your last chance to experiment in the environment. Clicking Finish Lab will end this little world that flittered into existence just for you.

Matthew Lloyd Davies - Labs - Matthew D.
Author
Matthew Lloyd Davies

Matt has a degree in Chemical engineering and a PhD in mathematical chemistry. He is also a GIAC certified incident handler and penetration tester and has regulated cyber security in the UK civil nuclear sector for many years.

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.
Ready to get started?
View individual plans View team plans