Skip to content

secmob/PoCForCVE-2015-1528

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

This PoC is divided into three Parts, the folder mediaserver help to inject code into mediaserver from a normal application. the folder surfaceflinger help to inject code to surfaceflinger after you got mediaserver permission. the folder system_server help to inject code to system_server after you got surfaceflinger permission. the bbshell folder help to inject busybox to mediaserver

the PoC contain many hard codes, I tested it on Nexus 5 for Android 5.0(LRX21O), you may have to adust these hard codes to suit your case. detail introduce about the vulnerability please refer to https://www.blackhat.com/docs/us-15/materials/us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege-wp.pdf

About

I'll submit the poc after blackhat

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages