Dirty Cow exploit

has anyone tried the new exploit?
was wondering which distribution is affected.

not windows

It's overblown and patched.
Requires physical access to the machine.
You could just boot to runlevel 1 and rewrite the root password then.

I couldn't get it to work.

lol no shit Sherlock
how about local access to the machine? if by default the run level is 5 you can't really do anything without the machine noticing (services down or any white/black list warning)

Can this be used to root android phones? Because that's what it sounds like. Sounds super easy too.

Fucking kek.

x86 specific

youtube.com/watch?v=4xdMteqm994

How would I go about doing this on my own phone?

t. locked down Desire 626 owner

Did you not see before shitting up the thread. x86 is for dah computah and ARM is for dah memephones. Learn 2 CPU architecture, kid.

It still doesn't open the bootloader the way it should.

>Requires physical access
Wrong. Just need an account. You could SSH into the machine. In fact someone mentioned it's possible to find an exploit via some other software (like apache) to push the code into memory and execute it, getting root without having an account.

The Apple MacBook Pro with Retina Display doesn't have this problem.

That's because you're a tripfag

no, but it has very similar one:
googleprojectzero.blogspot.de/2016/10/taskt-considered-harmful.html

>considered harmful
Stopped reading there

It works. I've done it on a couple computers, it's kind of fun.

There's also one for windows, CVE-2016-3238 that most normal computers haven't fixed yet, which is also pretty fun to exploit. I haven't done anything malicious with it, it was really just for testing purposes.

Multi-user operating systems were a mistake

>tfw dirty cow will never be patched on the majority of android devices

>tfw javascript can't reach kernel

Tried it on Slackware 14.2.
Needs to install mmap which needs ghc as a dependency. ghc took a long time to compile and requires 4.5 gigs of space.
Compiled mmap and tested the exploit code only to find that it needs madvise and Slackware 14.2 uses madvise2. So no mooooooo here.
All for a local exploit.

multitasking OS's were a mistake

yup, Debian Jessie is vulnerable, i dumped Jessie and put on antiX which is 99% debian Jessie without systemD and it is not vulnerable,

fuck systemD that thing is a pile of octopus shit pooping all over the operating system

Where the fuck did systemd come from, hippie shit?

SystemD has nothing to do with it you fucking neckbeard.

not true at all. it works on powerpc (an e300c3 exactly) with Linux 3.14

i have an x86 phone u fucking nigger

Disturbing user in shitposting.
Rare pepe.
Didn't work here. Updated anyway.

I sense you are a spic

that's no way for a girl to speak user

ur right w8.

i have an x86 phone u fucking nigger ^_^ c: :3 :* :) :) :) :)

>was wondering which distribution is affected.

it's a kernel exploit, so all in theory

>Requires physical access to the machine.

it requires local access or remote code execution, it absolutely does not need physical access

>how about local access to the machine?

then yes

>Can this be used to root android phones?

yes

no

>How would I go about doing this on my own phone?

sshdroid or something figure it out

did you forget your trip before shitting the thread up?

so use one of the dozens of other proof of concepts that don't require so many dependencies or write your own

das more like it, now suck my cock slut :3

A faggot?

So we basically buy ECC ram from now on?
I'm glad I didn't upgrade my Nexus 6 to a Pixel now, it's gonna be a few years till we get Android devices without this fuckup

I tried and it's kinda useful.

Some people developed a SUID based exploit from that to make you use a shell as root but the kernel crashes a couple of seconds later.

The most useful task for dirtyc0w is to change the /etc/passwd file to make you root. Other than that, it's pretty much useless.

Tried to port the exploit to Python (just for fun) and I can't use MADV_DONTNEED, which is essential for the exploit... oh well...

>Some people developed a SUID based exploit from that to make you use a shell as root but the kernel crashes a couple of seconds later.

run

>echo 0 > /proc/sys/vm/dirty_writeback_centisec

there's other exploits of the same bug that don't crash the kernel but have their own problems