I will close the GingerBreak post now since most comments are meanwhile about particular versions or not related to Android OS at all. It turned out that GingerBreak works on Froyo, Gingerbread and Honeycomb. For some versions it needs minor fixes, e.g. in the detection phase, but overall it is a good and stable softbreak. Thanks to those who sent patches or test reports.
Smartphone security and Android security in particular seem to be the new hype (WTF?! HTTP is sending data in plaintext!?) and therefore it is about time to fall back to monitor-only mode. If you ever see a # on an Android device in the future, always remember who was pioneering exploit development on that platform and remember where all these spin-offs came from.
I have had the choice of writing scientific papers about security and exploits, or of coding exploits. And I chose the latter.
13 comments:
Thanks for your work. You truly are a god among nerds.
Until next time...
thanks man
How can I get a hold of you?
I have edited your GingerBreak.c file to suit the needs of my phone, some directory paths were different.
I am stuck there as I have not the first clue how to compile C, I tried using GCC on my linux box but netlink.h and system_properties were missing, I came to the conclusion it had to be compiled in an android environment.
This is the changed version for my model of phone: http://pastebin.com/DER6StyM
Any help would be greatly appreciated!
Thanks for the GingerBreak, it works well on most Gingerbread builds. However, on Desire HD's new builds, you get "vold: xxxx GOT start: 0x00014360 GOT end: 0x000143a0", and then it freezes. I am talking about 2.37.xxx.x ROM builds. On WWE 2.36.405.8 it works great.
Appropriate timing, thank you for giving us what the manufacturers wouldn't.
Hopefully other carriers will follow in the footsteps of Samsung (and now apparently HTC) and leave a legitimate route for us to gain root.
Hi C-skills, can you please port injectso to android? or at least point me somewhere where I can read about injecting code into android native code (libxxx.so)
Ty
Thanks for taking the time to do this. I think it would be awesome if you would write a tutorial for the exploit, or put very detailed comments in the code as to what you're doing at each stage. A code walk-through of sorts. I know it's time consuming and doesn't really provide you much benefit, but I think it would really help the rest of us learn.
Thanks again.
I try to write the code as clearly as possible so that it needs as few comments as possible. However, reading exploits (and writing them too) is not that easy, since a lot of magic is involved which you only know when you have dug deep into the target. E.g. WTF is he calculating the idx that way, and why is he creating this file of that size here and not there? I have problems reading other folks' exploits as well if I don't have the time to really zoom into the target vuln. To learn about exploit writing I'd recommend the phrack articles, for example.
The HTC Sensation appears to be un-exploitable if you ever feel the need for a new challenge.
Any word on when there will be a root-able exploit for the 2.3.3 GB for HTC Evo 4G?
Many thanks for your work. I'd be grateful if anyone could point me to what should be the indexes and offsets that need to be changed. I do have an Android build system installed and can compile. However most of my programming is old school (fortran) and I know very little of C. My device is a Vizio VTAB 1008 running Gingerbread 2.3.2 build id GRH78C with CPU armeabi-v7a. Supposedly preproduction versions of this device were rooted before launch. However, none of the exploits I have tried so far seem to work. Thanks again.
Try revolutionary.io; they seem to have a new vold exploit. Getting the right offsets and indexes can be tricky - that's why I don't favor memory smashing exploits, in particular across a range of devices and OS versions.
Icke -- Thanks for the reply and the pointer to the revolutionary.io site.
Are you referring to the new zergRush exploit? I did try that as well but with no luck. So far, every exploit has failed -- rageagainstthecage, gingerbreak, and zergRush. The software devs at Vizio must have really been on top of every exploit and have patched them as soon as possible.