Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/firefart/dirtycow
Dirty Cow exploit - CVE-2016-5195
https://github.com/firefart/dirtycow
cve-2016-5195 dirtycow exploit
Last synced: 4 days ago
JSON representation
Dirty Cow exploit - CVE-2016-5195
- Host: GitHub
- URL: https://github.com/firefart/dirtycow
- Owner: firefart
- Created: 2016-11-25T21:08:01.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2021-04-08T11:35:12.000Z (over 3 years ago)
- Last Synced: 2024-10-14T17:17:44.729Z (3 months ago)
- Topics: cve-2016-5195, dirtycow, exploit
- Language: C
- Homepage:
- Size: 7.81 KB
- Stars: 853
- Watchers: 9
- Forks: 428
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# dirtycow
This exploit uses the pokemon exploit of the dirtycow vulnerability as a base and automatically generates a new passwd line.
The user will be prompted for the new password when the binary is run.
The original /etc/passwd file is then backed up to /tmp/passwd.bak and overwrites the root account with the generated line.
After running the exploit you should be able to login with the newly created user.
To use this exploit modify the user values according to your needs.
The default user being created is `firefart`.
Original exploit (dirtycow's ptrace_pokedata "pokemon" method):
https://github.com/dirtycow/dirtycow.github.io/blob/master/pokemon.c
Compile with:
```bash
gcc -pthread dirty.c -o dirty -lcrypt
```
Then run the newly create binary by either doing:
```bash
./dirty
```
or
```bash
./dirty my-new-password
```
Afterwards, you can either `su firefart` or `ssh firefart@...`
**DON'T FORGET TO RESTORE YOUR /etc/passwd AFTER RUNNING THE EXPLOIT!**
```bash
mv /tmp/passwd.bak /etc/passwd
```
Exploit adopted by Christian "FireFart" Mehlmauer
https://firefart.at