Dirty Pipe (CVE-2022-0847) temporary root PoC for Android.
Currently only run on Pixel 6 with security patch level from 2022-02-05 to 2022-04-05. Don't use on other devices or other versions. It must crash (reboot).
There is possiblity to brick your phone by using this tool. Use it at your own risk. Especially, don't update/install magisk from magisk app. It will cause permanent brick.
- Download binary from release page.
- Setup adb (android platform tools).
- Launch run.bat (For Windows) or run.sh (For Linux/Mac)
- If you get
'adb' is not recognized ...
errors, check to add adb to PATH.
- If you get
- You now get temporary root access
- Don't use install button on magisk app. It will brick your phone.
- Don't reboot even if magisk app request. It will lose temporary root.
- Only support root access. No magisk/zygisk modules support.
- Install Android NDK
- Set PATH for aarch64-linux-android31-clang
export PATH=$PATH:$ANDROID_NDK/toolchains/llvm/prebuilt/linux-x86_64/bin
- Run make
$ make
- Download Pixel 6 kernel source. Link
- Put mymod directory on kernel/private/google-modules/
- Apply mymod/build-script-patch.patch to kernel/private/gs-google
- Run build script
# For the first build
$ LTO=thin ./build/build.sh
# For faster rebuild (skip full rebuild)
$ SKIP_MRPROPER=1 SKIP_DEFCONFIG=1 LTO=thin ./build/build.sh
See here
Stop using insecure telnet- Make apk
Install Magisk- Add device support