The Dirty COW vulnerability is an interesting case of the race condition vulnerability. It existed in the Linux kernel since September 2007, and was discovered and exploited in October 2016. The vulnerability affects all Linux-based operating systems, including Android, and its consequence is very severe: attackers can gain the root privilege by exploiting the vulnerability. The vulnerability resides in the code of copy-on-write inside Linux kernel. By exploiting this vulnerability, attackers can modify any protected file, even though these files are only readable to them.

The objective of this lab is for students to gain the hands-on experience on the Dirty COW attack, understand the race condition vulnerability exploited by the attack, and gain a deeper understanding of the general race condition security problems. In this lab, students will exploit the Dirty COW race condition vulnerability to gain the root privilege.

Lab Tasks (Description) (Video)

  • For instructors: if you prefer to customize the lab description to suit your own courses, here are our Latex source files.
  • VM version: This lab has been tested on our pre-built SEEDUbuntu12.04 VM.

Recommended Time:

  • Supervised situation (e.g. a closely-guided lab session): 2 hours
  • Unsupervised situation (e.g. take-home project): 1 week

Files that are Needed

Suggested Reading

SEED Project