{"id":21848127,"url":"https://github.com/enty8080/macdirtycow","last_synced_at":"2025-04-14T13:45:42.560Z","repository":{"id":155449472,"uuid":"608056893","full_name":"enty8080/MacDirtyCow","owner":"enty8080","description":"Example of CVE-2022-46689 aka MacDirtyCow.","archived":false,"fork":false,"pushed_at":"2023-03-01T08:25:46.000Z","size":2,"stargazers_count":8,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-28T02:53:10.583Z","etag":null,"topics":["cve","cve-2022-46689","exploit","jailbreak","macdirtycow","macos"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/enty8080.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-03-01T08:23:49.000Z","updated_at":"2024-12-03T09:45:25.000Z","dependencies_parsed_at":"2023-04-27T07:31:18.260Z","dependency_job_id":null,"html_url":"https://github.com/enty8080/MacDirtyCow","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/enty8080%2FMacDirtyCow","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/enty8080%2FMacDirtyCow/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/enty8080%2FMacDirtyCow/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/enty8080%2FMacDirtyCow/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/enty8080","download_url":"https://codeload.github.com/enty8080/MacDirtyCow/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248890507,"owners_count":21178448,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve","cve-2022-46689","exploit","jailbreak","macdirtycow","macos"],"created_at":"2024-11-27T23:24:37.716Z","updated_at":"2025-04-14T13:45:42.552Z","avatar_url":"https://github.com/enty8080.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MacDirtyCow\n\nExample of CVE-2022-46689 aka MacDirtyCow.\n\n## What?\n\nMacDirtyCow is a privilege escalation vulnerability in macOS, similar to the Dirty COW vulnerability in Linux. The vulnerability resides in the copy-on-write (COW) mechanism used by macOS's XNU kernel. The vulnerability allows an attacker to modify read-only root-owned files, which could lead to an attacker gaining root privileges on the affected system.\n\nThe vulnerability is caused by a race condition in the way macOS's XNU kernel handles copy-on-write (COW) operations on memory pages. When a memory page is marked read-only, but also marked as copy-on-write, the kernel will create a new copy of the page when a write operation is performed on the page. However, there is a small window of time between the read-only page being checked and the new copy being created where an attacker could modify the page in memory, effectively bypassing the read-only restriction.\n\n## PoC\n\nThis code (`poc.c`) opens a file specified as a command line argument and maps it into memory using mmap(). It then creates a copy of the file and modifies the memory-mapped copy of the file by filling it with the character 'A'. Finally, the original file is overwritten with the modified copy of the file.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fenty8080%2Fmacdirtycow","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fenty8080%2Fmacdirtycow","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fenty8080%2Fmacdirtycow/lists"}