Thursday, November 10, 2016

Dirty Cow vulnerability on linux

I just wanted to test what is this dirty cow and how does this work. I am not going to share how this works as you can search on google but below is what it can do.

Change the content of read only file with 0404 privilege

pi@raspberrypi:~/hdhillon/cow$ ls -l
total 16
-rwxr-xr-x 1 pi   pi   7653 Nov 10 15:33 harveyCOW
-rw-r--r-- 1 pi   pi   2408 Nov 10 15:33 harveyCOW.c
-r-----r-- 1 root root   22 Nov 10 15:40 myReadOnlyFile.txt
pi@raspberrypi:~/hdhillon/cow$
pi@raspberrypi:~/hdhillon/cow$
pi@raspberrypi:~/hdhillon/cow$ cat myReadOnlyFile.txt
readOnly file content
pi@raspberrypi:~/hdhillon/cow$
pi@raspberrypi:~/hdhillon/cow$ ./harveyCOW myReadOnlyFile.txt mOOOmOOOOmOOOmOOOOmOOOOO
mmap b6fae000
^C
pi@raspberrypi:~/hdhillon/cow$
pi@raspberrypi:~/hdhillon/cow$ cat myReadOnlyFile.txt
mOOOmOOOOmOOOmOOOOmOOOpi@raspberrypi:~/hdhillon/cow$
pi@raspberrypi:~/hdhillon/cow$
pi@raspberrypi:~/hdhillon/cow$ ls -l
total 16
-rwxr-xr-x 1 pi   pi   7653 Nov 10 15:33 harveyCOW
-rw-r--r-- 1 pi   pi   2408 Nov 10 15:33 harveyCOW.c
-r-----r-- 1 root root   22 Nov 10 15:40 myReadOnlyFile.txt
pi@raspberrypi:~/hdhillon/cow$


Monday, November 7, 2016

Target Manager failed at Startup: targets.xml was rejected: loaded with a wrong agent token

Trying to start the oracle management agent on client and it is failing to start and getting the error below:

$ ./emctl start agent
Oracle Enterprise Manager Cloud Control 12c Release 2
Copyright (c) 1996, 2012 Oracle Corporation.  All rights reserved.
Starting agent .............. failed.
Target Manager failed at Startup: targets.xml was rejected: loaded with a wrong agent token
Consult emctl.log and emagent.nohup in: /u01/agent12c/agent_inst/sysman/log



Solution :

Go to /u01/agent12c/agent_inst/sysman/emd and
mv targets.xml target.xml.backup

create new targets.xml with below content


<Targets>

</Targets>

Trying starting the agent with

emctl start agent

go back to your targets.xml file and cat it to get value of AGENT_TOKEN

$ cat targets.xml
<Targets AGENT_TOKEN="B7579B0E4405142405C6FCA2F86B2D2440FC93784BBA17229895F56E933ACA4F"/>
$

-- Stop agent

emctl stop agent

go to targets.xml.backup and modify the AGENT_TOKEN with current value.

remove  targets.xml which has got

<Targets AGENT_TOKEN="B7579B0E4405142405C6FCD2440FC93784BBA17229895F56E9334F"/>

Rename targets.xml.backup to targets.xml

start agent

Wallah it works !!!