07. Dirty COW - tandihansvin/EthicalHacking GitHub Wiki
Introduction
What is Dirty COW?
Dirty COW (Copy-On-Write) is one of the best-known Linux kernel vulnerabilities. It can be used for privilege escalation by running a program that triggers a race condition in the implementation of the copy-on-write mechanism in the kernel's memory-management subsystem. The changes are committed to storage, allowing a non-root user to overwrite a file that is owned by the root user.
Race Condition
A race condition is an undesirable situation in which a program's operations run with bad timing, changing data and affecting the results of other programs. A race condition occurs when two or more threads can access shared data and they try to change it at the same time. It becomes a bug when events do not happen in the order the programmer intended.
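The lost-update case described above, as an added example that is not part of the original wiki page: it deterministically replays every interleaving of two simulated threads that each increment a shared counter in two steps, and counts the orderings that give the wrong result. The two-step model and the names run_schedule and count_lost_updates are assumptions made for illustration.

```c
#include <stdio.h>

/* Each simulated thread increments a shared counter in two steps:
 * LOAD (copy the shared value into a private register), then STORE
 * (write register + 1 back). A schedule is a 4-bit pattern: bit i
 * says which thread (0 or 1) runs in time slot i. */
#define STEPS_PER_THREAD 2
#define SLOTS (2 * STEPS_PER_THREAD)

/* Replay one schedule. Returns the final counter value, or -1 if the
 * pattern does not give each thread exactly two slots. */
int run_schedule(unsigned schedule)
{
    int shared = 0;
    int reg[2] = {0, 0};  /* per-thread private copy of the counter */
    int pc[2] = {0, 0};   /* next step each thread will execute */

    for (int slot = 0; slot < SLOTS; slot++) {
        int t = (schedule >> slot) & 1;
        if (pc[t] >= STEPS_PER_THREAD)
            return -1;
        if (pc[t] == 0)
            reg[t] = shared;      /* LOAD */
        else
            shared = reg[t] + 1;  /* STORE */
        pc[t]++;
    }
    return shared;
}

/* Try all valid schedules; return how many lose an update
 * (final value is not 2) and report how many were valid. */
int count_lost_updates(int *total_valid)
{
    int lost = 0;
    *total_valid = 0;
    for (unsigned s = 0; s < (1u << SLOTS); s++) {
        int result = run_schedule(s);
        if (result < 0)
            continue;
        (*total_valid)++;
        if (result != 2)
            lost++;
    }
    return lost;
}

int main(void)
{
    int total;
    int lost = count_lost_updates(&total);
    printf("%d of %d interleavings lose an update\n", lost, total);
    return 0;
}
```

Only the two schedules in which one thread finishes before the other starts give the intended value; every overlapping order silently drops an increment.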
Demonstration
Prerequisite
Make sure gcc is installed on the computer. If it is not installed yet, you can simply run sudo apt install gcc
To test that gcc works properly:
Write a simple C program that just prints something to the screen.
1. Log in as a normal user
As a normal user, we cannot write to a file that is owned by root.
2. Download the Dirty COW code
You can download the Dirty COW code from here and save it as dirtyCow.c
3. Compile and run the code
Afterward, you will immediately become the root user.