> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-14/linux-exploit/trick-0194.md).

# Linux Dirty COW Privilege Escalation

***

Upload the Dirty COW exploit source code (`exploit.c`) to the target machine. Compile it using `gcc`, ensuring to include pthread and crypt libraries.

```bash
gcc -pthread exploit.c -o exploit -lcrypt
```

Execute the compiled exploit. Different versions may handle password input differently, either taking it as a command-line argument or prompting the user. This exploit automatically generates a new passwd line.\
Example using command-line argument:

```bash
./exploit password123
```

Alternatively, some variants may prompt:\
The user will be prompted for the password during execution.

The exploit will typically modify `/etc/passwd` to create a new root user (often named `firefart` or similar) with the specified password.

Finally, switch user to the newly created root user using the password provided during execution.

```bash
su firefart
# Enter password123
```
