Hi Salvatore, Ozgur, You posted this url; https://www.debian.org/security/2016/dsa-3696
I've been looking in to this exploit, and did what Ozgur found on Github, and I learned that my system is vulnerable. I had a difference, which is that dirtyc0w, did overwrite the read-only 'foo' file, but it hang, and it also did write up to the length of the original content of that file. So my 'foo' was six bytes long and I attempted to overwrite with a longer sequence, and it stopped. After seeing this had happened, I started over with a new 'foo' file, and this time I attempted a shorter byte sequence and it also hang. From what I've read, it doesn't seem to hang. I'm guessing that overwriting the sudoers file for example would make the exploiter a rooted user on the exploited system.. But, I have looked for a update and I went to Debian package search and searched for; 'kernel image 686 pae' [https://packages.debian.org/search?suite=stable§ion=all&arch=any&searchon=names&keywords=kernel+image+686+pae] This gave one result, which is; 'kernel-image-3.16.0-4-686-pae-di' and written with that, 'Linux kernel binary image for the Debian installer 3.16.36-1+deb8u1: i386' And I read that I need a '+deb8u2' kernel? Can someone explain to me what to do next? I have the assumption that a 'apt-get install "name-of-required-kerne-package"' would be sufficient? If not, can someone point me in the right direction on what to do, because the link Salvatore posted, it says on that page; 'For the stable distribution (jessie), these problems have been fixed in version 3.16.36-1+deb8u2. We recommend that you upgrade your linux packages.' -- Richard Waterbeek <richard...@versatel.nl> Salvatore Bonaccorso schreef op ma 07-11-2016 om 17:09 [+0100]: > Hi, > > On Mon, Nov 07, 2016 at 06:54:55PM +0300, Ozgur wrote: > > Hi all, > > > > I have been reading security articles and I seen a test with Debian Linux > > vulnerability of kernel. I tested and given a successful exploit. > > > > List a vuln: > > > > https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs > > > > My testing: > > > > dirtycow.c (status: success) > > cowroot.c (status: success) > > > > For example, I have installed Debian and kernel version are as follow: > > > > Linux 3.16.0-4-amd64 (Debian 8.6) > > > > I created a "zoo" file with root privileges and locked a file: > > > > # echo I'm a root > foo > > # chmod 0404 foo > > # ls -la foo > > -r-----r-- 1 root root 11 Nov 7 10:13 foo > > > > then I'm return my user (not root) and I downloaded the exploit script and > > run it: > > > > $ gcc -pthread dirtyc0w.c -o dirtyc0w > > $ ./dirtyc0w foo blabla > > $ cat foo > > blabla > > > > what is the suggestion on this exploit? > > Have you installed the Kernel update as per the security advisory > DSA-3696-1? Which kernel image do you have installed, which kernel is > running? > > [0] https://www.debian.org/security/2016/dsa-3696 > > Regards, > Salvatore >