Exploits not working on "vulnerable" machine.

[verlotl2000]

Hi,

After watching your video on this exploit I wanted to see if it would work on the bandit machines from the overthewire challenges. Even though the dirty pipe checker says its vulnerable since the version is 5.15.0, when I run exploit 1 it says system() function failed and when I run exploit 2 it says /tmp/sh: permission denied. I've included a screenshot below. Any idea what's causing this? This machine should be vulnerable but its not working so did the guys from bandit labs somehow fix this without updating the kernel?

Thx!

[Turzum]

If when you type uname -r you get something like 5.15.0-25, then you my have a patched version. The problem with dpipe.sh is that it only checks the major version, the minor version and the first part of the patch level. One of the patches 0-25 may have patched the vulnerability. I had a similar issue so I reverted the kernel version to 5.8.0 and it worked.

[C-Terminal]

I can confirm that version 5.15.0-051500rc7-generic is vulnerable. All subsequent minor versions seems to be patched.

[OMARomd23]

The first exploit 'exploit-1' seems to fail but even after it throws that error if you try to log in to the root using the password "piped" it may still work.