SkillAgentSearch skills...

Dirtycow

Dirty Cow exploit - CVE-2016-5195

GenerateConvertImprove

Install / Use

/learn @firefart/Dirtycow
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

dirtycow

This exploit uses the pokemon exploit of the dirtycow vulnerability as a base and automatically generates a new passwd line. The user will be prompted for the new password when the binary is run. The original /etc/passwd file is then backed up to /tmp/passwd.bak and overwrites the root account with the generated line. After running the exploit you should be able to login with the newly created user.

To use this exploit modify the user values according to your needs.

The default user being created is toor.

Original exploit (dirtycow's ptrace_pokedata "pokemon" method): https://github.com/dirtycow/dirtycow.github.io/blob/master/pokemon.c

Compile with:

gcc -pthread dirty.c -o dirty -lcrypt

Then run the newly create binary by either doing:

./dirty

or

 ./dirty my-new-password

Afterwards, you can either su toor or ssh toor@...

DON'T FORGET TO RESTORE YOUR /etc/passwd AFTER RUNNING THE EXPLOIT!

mv /tmp/passwd.bak /etc/passwd

Exploit adopted by Christian "firefart" Mehlmauer

https://firefart.at

firefart

View profile

View on GitHub
GitHub Stars926
CategoryDevelopment
Updated3d ago
Forks429
firefart/dirtycow

Languages

C

Security Score

85/100

Audited on Mar 29, 2026

No findings