{"type":"rich","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/p/ptr-yudai/20250914/20250914175615.png","published":"2025-09-14 18:03:26","url":"https://ptr-yudai.hatenablog.com/entry/2025/09/14/180326","provider_url":"https://hatena.blog","author_url":"https://blog.hatena.ne.jp/ptr-yudai/","title":"Dirty Pageflags: Revisiting PTE Exploitation in Linux","height":"190","version":"1.0","author_name":"ptr-yudai","width":"100%","categories":["Exploit"],"html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fptr-yudai.hatenablog.com%2Fentry%2F2025%2F09%2F14%2F180326\" title=\"Dirty Pageflags: Revisiting PTE Exploitation in Linux - CTF\u3059\u308b\u305e\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","description":"TL;DR By flipping the R/W bit in the page table entry of a mapped file (e.g., /etc/passwd), you can gain write access to the file. What is Dirty Pagetable What is Dirty Pageflags Flipping R/W PoC Conclusion What is Dirty Pagetable Dirty Pagetable is a powerful exploitation technique that targets hea\u2026","provider_name":"Hatena Blog","blog_url":"https://ptr-yudai.hatenablog.com/","blog_title":"CTF\u3059\u308b\u305e"}