Thursday, January 6, 2011

adb trickery #2

Apparently some vendors have reviewed Android and also fixed
the ashmem issue in 2.2.1 (along with adb and zygote).


However, I got the first reports for KillingInTheNameOf
working on 2.1 devices. So I made it available
here.


It was really my favorite and I hoped it would become
the Gingerbreak, but 2.3 is not using
ashmem for system properties. That's life :)




[Update:] It seems like the property space has become
the new playground for breaking Froyo devices since this post,
as the ashmem implementation has some shortcomings when
it comes to properly protecting the property space :-)
The security of the whole system relies on the property
space due to ro.secure and other properties.
However, for Gingerbread, the property implementation has been
redesigned AFAIK.


Also check out this link for another method of exploiting
ashmem which apparently also works on 2.2.1 devices.


My Gingerbreak works, but I won't release it before a couple
of devices are in the wild so the issue is not fixed before
it can become useful.

8 comments:

Anonymous said...

looking forward to see it. keep up the interesting work!

Anonymous said...

once again you have done it. total respect! where all else failed, this worked! thank you

Anonymous said...

You're doing such great work! Congratulations!

Any chance you can help with the Motorola Bootloader problem?

Anonymous said...

Has the gingerbread attack been tested against the honeycomb sdk?

Anonymous said...

Can you please release Gingerbreak now?

Anonymous said...

Can you release your Gingerbreak? Trying to get Droid X on Gingerbread rooted.

Chris and Janet Livingston said...

Please please please help out the DX community by releasing your GB root. I'm dying to put it on my DX but without root I'll wait.

Anonymous said...

DX has GB now! And we would love to see your Gingerbreak! Thanks for all the hard work you do.