Day 13 - Coal for Christmas
Date: 13, December, 2020
Author: Dhilip Sanjay S
Kernel Exploits
Dirty COW (Copy-On-Write) - CVE-2016-5195
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings.
An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
To get password input in C, use getpass("<Prompt message>"), declared in the <unistd.h> header.
Solutions
What old, deprecated protocol and service is running?
Answer: Telnet
What credential was left for you?
Answer: clauschristmas
Steps to Reproduce:
telnet <MACHINE_IP> <PORT_FROM_NMAP_SCAN>
What distribution of Linux and version number is this server running?
Answer: Ubuntu 12.04
Steps to Reproduce:
cat /etc/*release
Who got here first?
Answer: grinch
Steps to Reproduce:
cat cookies_and_milk.txt
What is the verbatim syntax you can use to compile, taken from the real C source code comments?
Answer: gcc -pthread dirty.c -o dirty -lcrypt
What "new" username was created, with the default operations of the real C source code?
Answer: firefart
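The answer above names the account the PoC creates by default; that PoC overwrites the root line of /etc/passwd with a UID 0 entry that carries its password hash in the file itself. As an added example (not part of the original write-up or of the exploit source), this read-only check flags that state in a passwd-format file. The function names, finding labels and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original write-up): read-only audit of a
# passwd-format file for traces left by the default behaviour of the PoC.

audit_passwd() {
    # $1: passwd-format file, "-" for stdin; defaults to /etc/passwd.
    # Prints one finding per line; exit status 1 if anything was found.
    awk -F: '
        BEGIN { bad = 0; root_ok = 0 }
        /^[ \t]*$/ || /^#/ { next }                 # blank or comment line
        NF != 7 { print "MALFORMED_LINE " NR; bad = 1; next }
        $1 == "root" && $3 == 0 { root_ok = 1 }
        # Any other name with UID 0 is a second superuser.
        $3 == 0 && $1 != "root" { print "UID0_NOT_ROOT " $1; bad = 1 }
        # With shadow passwords, field 2 is "x" or a lock marker, not a hash.
        $2 == "" { print "EMPTY_PASSWORD " $1; bad = 1 }
        $2 != "" && $2 != "x" && $2 != "*" && $2 !~ /^!/ {
            print "HASH_IN_PASSWD " $1; bad = 1
        }
        END {
            # The PoC overwrites the root line, so root itself goes missing.
            if (!root_ok) { print "ROOT_ENTRY_MISSING"; bad = 1 }
            exit bad
        }
    ' "${1:-/etc/passwd}"
}

# Constructed sample (placeholder hash, hypothetical users) showing the
# post-exploit state: the first line is no longer root.
sample_passwd() {
    cat <<'EOF'
firefart:CONSTRUCTEDHASH:0:0:sample:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
claus:x:1000:1000::/home/claus:/bin/bash
EOF
}

# Demo on the constructed sample; on a real host run: audit_passwd
sample_passwd | audit_passwd - || echo "findings listed above"
```

A clean result does not show the kernel is patched; it only shows this PoC's default changes are not present in the file.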
What is the MD5 hash output?
Answer: 8b16f00dd3b51efadb02c1df7f8427cc
Steps to Reproduce: