We created a Ubuntu Bionic 18.04.6 LTS virtual machine on GCP.
- Logged into the GCP console and navigated to the "Compute Engine" section.
- Clicked on "VM instances" and then selected "Create Instance." Specified a name for the VM, chose a region and zone, selected the machine type as "Ubuntu Bionic" and clicked “Create”.
- GCP automatically allocated the necessary resources, and the virtual machine was up and running.
By default when we create a VM the default kernel version is ubuntu-pro-bionic-2 5.4.0-1105-gcp. We had to upgrade the Linux kernel version to ubuntu-pro-bionic-1 5.11.0-051100-generic as the vulnerability was fixed after the version. The below commands were executed on the virtual machine to upgrade the kernel version to 5.11.0.
wget https://raw.githubusercontent.com/pimlie/ubuntu-mainline-kernel.sh/master/ubuntu-mainline-kernel.sh
chmod +x ubuntu-mainline-kernel.sh
sudo ./ubuntu-mainline-kernel.sh -i v5.11.0
reboot
git clone https://github.com/raohemanth/cybersec-dirty-pipe-vulnerability.git
cd detection
python3 check_vulnerable.py
Alert: Your system is *extremely* vulnerable! It's absolutely crucial that you *urgently* upgrade your kernel version *immediately* to ensure the safety and security of your system. The risks are *extremely high*, and the consequences of not upgrading could be *catastrophic*. Please take this matter with the utmost seriousness, and do not delay any further!
Proceed with step 4 only if system is vulnerable
sudo apt-get update
sudo apt-get install auditd
cd detection
gcc attack_check.c -o attack_check
First attack checker => python3 audit_attack_check.py
Second attack checker => ./attack_check
cd prevention
gcc prevent-exploit.c -lseccomp -o prevent-exploit
- Hemanth Rao Karade Nagendra
- Aishwarya Jayaramu
- Yemi Kolawole
- Harsh Gupta