GitHub
github.com › firefart › dirtycow
GitHub - firefart/dirtycow: Dirty Cow exploit - CVE-2016-5195 · GitHub
This exploit uses the pokemon exploit of the dirtycow vulnerability as a base and automatically generates a new passwd line. The user will be prompted for the new password when the binary is run.
Starred by 937 users
Forked by 427 users
Languages C
Linux - The Dirty Pipe Vulnerability documentation
I'm having serious trust issues thanks to the name of this vulnerability. I really don't want to have to have the "talk" with HR based on my search history getting flagged. EDIT: You're all a pack of bastards - never change. Upvotes for everybody! More on reddit.com
CVE-2016-5195: Dirty COW explained
is it just me or does this blog have terrible mobile line length More on reddit.com
Videos
GitHub
github.com › caldonovan › Dirty-COW-Exploit
GitHub - caldonovan/Dirty-COW-Exploit · GitHub
"A race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the ...
Starred by 6 users
Forked by 3 users
Languages C
Factsheet
CVE identifier CVE-2016-5195
Discoverer Vulnerability: unknown
Exploit code: Phil Oester
Exploit code: Phil Oester
Affected software Linux kernel (<4.8.3)
CVE identifier CVE-2016-5195
Discoverer Vulnerability: unknown
Exploit code: Phil Oester
Exploit code: Phil Oester
Affected software Linux kernel (<4.8.3)
Wikipedia
en.wikipedia.org › wiki › Dirty_COW
Dirty COW - Wikipedia
April 1, 2026 - Dirty Cow was one of the first security issues transparently fixed in Ubuntu by the Canonical Live Patch service. It has been demonstrated that the vulnerability can be utilized to root any Android device before Android version 7 (Nougat). The vulnerability has existed in the Linux kernel since version 2.6.22 released in September 2007, and there is information about it being actively exploited ...
Dirtycow
dirtycow.ninja
Dirty COW (CVE-2016-5195)
An exploit using this technique has been found in the wild from an HTTP packet capture according to Phil Oester. This FAQ provides answers to some of the most frequently asked questions regarding the Dirty COW vulnerability.
GitHub
github.com › mzet- › linux-exploit-suggester › issues › 76
Exploit Dirty cow 2 has been moved permanently. · Issue #76 · The-Z-Labs/linux-exploit-suggester
June 24, 2020 - First of all thank you for this amazing tool, I want a small correction in an exploit download page suggested by linux-exploit-suggester for Dirty Cow 2 https://www.exploit-db.com/exploits/40847.cp...
Author The-Z-Labs
VK9 Security
vk9-sec.com › cve-2016-5195privilege-escalation-dirtycow-ptrace_pokedata-race-condition
(CVE-2016-5195)[Privilege Escalation] – Dirtycow -‘PTRACE_POKEDATA’ Race Condition | VK9 Security
In Dirty COW, an attacker could exploit a race condition in the COW mechanism to gain write access to read-only memory mappings. By doing so, they could alter sensitive data or execute arbitrary code within the kernel space, potentially achieving privilege escalation.
University of Toronto
cs.toronto.edu › ~arnold › 427 › 18s › 427_18S › indepth › dirty-cow › index.html
Dirty Cow
Dirty COW was a vulnerability in the Linux kernel. It allowed processes to write to read-only files. This exploit made use of a race condition that lived inside the kernel functions which handle the copy-on-write (COW) feature of memory mappings. An example use case includes over-writing a ...
YouTube
youtube.com › watch
Dirty COW exploit walkthrough under 7 minutes | Linux Privilege Escalation - YouTube
This video explains the Dirty COW exploit through a walkthrough performed on the Hack The Box machine Valentine.The links used in the video are listed below ...
Published April 26, 2021
Security Boulevard
securityboulevard.com › home › editorial calendar › devsecops › what is the dirty cow exploit, and how to prevent it
What is the Dirty COW exploit, and how to prevent it - Security Boulevard
March 27, 2024 - “Run and pwn”, as the documentation says, with an exploit that generates a new password hash on the fly and modifies /etc/passwd automatically. Although it’s a patched Linux kernel bug, attackers continue to use it in their activities.
GitHub
github.com › dirtycow › dirtycow.github.io › wiki › PoCs
PoCs
October 21, 2016 - ./cowroot · SUID-based root · /proc/self/mem · dirtycow-mem.c · ./dirtycow-mem · libc-based root · /proc/self/mem · pokemon.c · ./d file content · Read-only write · PTRACE_POKEDATA · dirtycow.cr · dirtycow --target --string --offset · Read-only write · /proc/self/mem · dirtyc0w.c · ./dirtycow file content · Read-only write (Android) /proc/self/mem · dirtycow.rb · use exploit/linux/local/dirtycow and run ·
Author dirtycow
GitHub
github.com › damienmaier › dirtycow-exploit-explanation
GitHub - damienmaier/dirtycow-exploit-explanation
Because using /proc/self/mem makes the kernel use code that is intended to allow a process to access the memory of another process, and that is this code that contains the vulnerability. Even though here we access the memory of our own process, we need to do it in a way that allows us to exploit the vulnerable kernel code. In a second thread, repeat the following code, such that it runs concurrently to the code in point 2.
Author damienmaier
Exploit-DB
exploit-db.com › exploits › 40847
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (/etc/passwd Method) - Linux local Exploit
November 27, 2016 - Exploit: / Vulnerable App: // EDB-Note: Compile: g++ -Wall -pedantic -O2 -std=c++11 -pthread -o dcow 40847.cpp -lutil // EDB-Note: Recommended way to run: ./dcow -s (Will automatically do "echo 0 > /proc/sys/vm/dirty_writeback_centisecs") // // ----------------------------------------------------------------- // Copyright (C) 2016 Gabriele Bonacini // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation; either version 3 of the License, or // (at your option) any later version.
Red Hat
redhat.com › en › blog › understanding-and-mitigating-dirty-cow-vulnerability
Understanding and mitigating the Dirty Cow Vulnerability
November 17, 2025 - This flaw is a widespread vulnerability and spans Red Hat Enterprise Linux versions 5, 6, and 7. Technical details about the vulnerability and how to address it can be found at: Kernel Local Privilege Escalation "Dirty COW" - CVE-2016-5195. In order to be successful, an attacker must already have access to a server before they can exploit the vulnerability.
GitHub
github.com › firefart › dirtycow › blob › master › dirty.c
dirtycow/dirty.c at master · firefart/dirtycow
// This exploit uses the pokemon exploit of the dirtycow vulnerability · // as a base and automatically generates a new passwd line. // The user will be prompted for the new password when the binary is run.
Author firefart
GitHub
github.com › nowsecure › dirtycow
GitHub - nowsecure/dirtycow: radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability
radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability - nowsecure/dirtycow
Starred by 93 users
Forked by 25 users
Languages C 88.7% | Shell 8.6% | Makefile 2.2% | C++ 0.5% | C 88.7% | Shell 8.6% | Makefile 2.2% | C++ 0.5%