关联漏洞
标题:Linux kernel 竞争条件问题漏洞 (CVE-2016-5195)Description:Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 2.x至4.8.3之前的4.x版本中的mm/gup.c文件存在竞争条件问题漏洞,该漏洞源于程序没有正确处理copy-on-write(COW)功能写入只读内存映射。本地攻击者可利用该漏洞获取权限。
Description
Dirtycow also is known as CVE-2016-5195
介绍
Dirtycow also known as CVE-2016-5195 and it's very populer vulnerability of past time.
First of all choose the fitted Linux version for that vulnerability.
then install or run it on VBOX or VMWare .
after install it follow those instructions.
1. Create a user without having root access.
2. Log into that created user.
3. Create directory.
4. Create root access to ‘.txt’ document and give to it read only permission.
5. Compile and run the ‘.c’ file in where the ‘.txt’ file created.
6. Then run it.,
before it running there are two arguments want to give to it.
./compile_name_of_file_created r-only file write_here_something
文件快照
[4.0K] /data/pocs/c6a074bfb898bc1f6ec8af4e46dff17fabdd8ac7
├── [2.8K] dirty.c
├── [1.3M] IT19154640 SNP.pdf
├── [ 644] README.md
└── [ 601] readme.txt
0 directories, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。