https://github.com/enty8080/macdirtycow
Example of CVE-2022-46689 aka MacDirtyCow.
https://github.com/enty8080/macdirtycow
cve cve-2022-46689 exploit jailbreak macdirtycow macos
Last synced: 19 days ago
JSON representation
Example of CVE-2022-46689 aka MacDirtyCow.
- Host: GitHub
- URL: https://github.com/enty8080/macdirtycow
- Owner: enty8080
- Created: 2023-03-01T08:23:49.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2023-03-01T08:25:46.000Z (about 2 years ago)
- Last Synced: 2025-03-28T02:53:10.583Z (about 1 month ago)
- Topics: cve, cve-2022-46689, exploit, jailbreak, macdirtycow, macos
- Language: C
- Homepage:
- Size: 1.95 KB
- Stars: 8
- Watchers: 2
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# MacDirtyCow
Example of CVE-2022-46689 aka MacDirtyCow.
## What?
MacDirtyCow is a privilege escalation vulnerability in macOS, similar to the Dirty COW vulnerability in Linux. The vulnerability resides in the copy-on-write (COW) mechanism used by macOS's XNU kernel. The vulnerability allows an attacker to modify read-only root-owned files, which could lead to an attacker gaining root privileges on the affected system.
The vulnerability is caused by a race condition in the way macOS's XNU kernel handles copy-on-write (COW) operations on memory pages. When a memory page is marked read-only, but also marked as copy-on-write, the kernel will create a new copy of the page when a write operation is performed on the page. However, there is a small window of time between the read-only page being checked and the new copy being created where an attacker could modify the page in memory, effectively bypassing the read-only restriction.
## PoC
This code (`poc.c`) opens a file specified as a command line argument and maps it into memory using mmap(). It then creates a copy of the file and modifies the memory-mapped copy of the file by filling it with the character 'A'. Finally, the original file is overwritten with the modified copy of the file.