Dirty-COW Attack Lab
SEED Lab: A Hands-on Lab for Security Education
Overview
The Dirty COW vulnerability is an interesting case of the race condition vulnerability. It existed in the Linux kernel since September 2007, and was discovered and exploited in October 2016. The vulnerability affects all Linux-based operating systems, including Android, and its consequence is very severe: attackers can gain the root privilege by exploiting the vulnerability. The vulnerability resides in the code of copy-on-write inside Linux kernel. By exploiting this vulnerability, attackers can modify any protected file, even though these files are only readable to them.
The objective of this lab is for students to gain the hands-on experience on the Dirty COW attack, understand the race condition vulnerability exploited by the attack, and gain a deeper understanding of the general race condition security problems. In this lab, students will exploit the Dirty COW race condition vulnerability to gain the root privilege.Lab Tasks
- VM version: This lab has been tested on our pre-built SEEDUbuntu12.04 VM.
Recommended Time
- Supervised situation (e.g. a closely-guided lab session):
- Unsupervised situation (e.g. take-home project):
Videos (New)
- This topic is covered in my Udemy course: Computer Security: A Hands-on Approach.
Files that are Needed
- cow_attack.c (the attack program)
Suggested Reading
- SEED Book by Wenliang Du
(Book website)
(Chinese version)