j4nn / cve-2020-0041 Goto Github PK

License: GNU General Public License v2.0

Makefile 0.74% C 99.26%

cve-2020-0041's Introduction

CVE-2020-0041

This repository contains LPE code for exploiting CVE-2020-0041 implemented by bluefrostsecurity as released at https://github.com/bluefrostsecurity/CVE-2020-0041/tree/master/lpe . The exploitation approach for this part can be found at https://labs.bluefrostsecurity.de/blog/2020/04/08/cve-2020-0041-part-2-escalating-to-root/ .

This forked repository shall host ports for other kernels / devices in their specific branches. Big thanks to bluefrostsecurity for their awesome writeup and the exploit release.

cve-2020-0041's People

Contributors

Stargazers

Watchers

cve-2020-0041's Issues

Required key not available

Hi, the exploit perfectly works on Pixel 3, I have a question about the following error when I try to create a new file:

Hi, the exploit perfectly works on Pixel 3, I have a question about the following error when I try to create a new file:
image

What is the issue? Is it related to some kernel enforcement?
Is it possible to bypass it? (Pixel 3 blueline)
Thank you in advance

Whats is that problem ?

Does someone know how to fix that error ?
Using android-ndk 19 dont see work here, what is wrong ?

LG V510N

Could you kindly find the offsets for the LG V510N with firmware
LMV510NAT-00-V20s-LAO-COM-MAR-23-2021+0 or earlier?

Thanks a lot
AndreaS

How do we define TASKS_OFFSET, PID_OFFSET...?

Hi! First, thanks for this repo :)
I'm trying to port it on another device (Pixel 4).
I used the x1x5-mroo as a starting point (since the Pixel 4 also uses the kernel 4.14).
I managed to find the offsets (selinux_enforcing...), but I'm having trouble in the get_task_by_pid function.
It's rebooting the phone.
I assume the values here must be wrong (TASKS_OFFSET...), but I don't know how they are defined.
Can you please help me with that?

cc @j4nn @bluefrostsecurity

How do you get the offset?

any possible use CVE-2020-0041 exploit temp root for mi10pro?

https://forum.xda-developers.com/xperia-1/development/xperia-1-5-temp-root-exploit-via-cve-t4146103/amp/

Like this

Xperia xz2 compact freezes and reboots after random period after rooting

I've been trying to figure this out. The device freezes and reboots after a random period of time I'm not sure why. It may happen after 5 minutes or 30 seconds after rooting. It's also not related to magisk since the freeze and reboot can happen even without running magisk-start.

@j4nn Any idea how to debug this?

Having erro during compiling process.

Im trying compile using android-ndk-r20b, but 19 warnings appear saying some parts of the code are not correct, did i need install some package are missing ? is because some old projects i needed install libncurses5 for i can compile

Huawei P30 pro

is there any chance of getting the offsets for huawei P30 pro ?

Request

I tried the xz2 docomo 52.1.B.0.188 firmware and got the results, like this can you make it support? thanks

SO-04K:/data/local/tmp $ ./tama-mroot
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x50000000000 arg 0xcb00000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x60000000000 arg 0x5600000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0xd0000000000 arg 0x2880000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0xb0000000000 arg 0x180000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x150000000000 arg 0x0) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x30000000000 arg 0x19db80000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x20000000000 arg 0x6000000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x140000000000 arg 0x70000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x170000000000 arg 0x11d00000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x70000000000 arg 0x10080000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x80000000000 arg 0x1c80000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x90000000000 arg 0x180000000000) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0x180000000000 arg 0x0) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0xfffffb0000000000 arg 0x1000000006f) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0xfffffe0000000000 arg 0xfd8000000006f) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0xffffff0000000000 arg 0x1000000006f) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0xfffff00000000000 arg 0xf38000000006f) (ignoring)
WARNING: linker: Warning: "/data/local/tmp/tama-mroot" unused DT entry: unknown (type 0xfffff90000000000 arg 0x12000000006f) (ignoring)
CANNOT LINK EXECUTABLE "./tama-mroot": empty/missing DT_HASH/DT_GNU_HASH in "/data/local/tmp/tama-mroot" (new hash type from the future?)

j4nn / cve-2020-0041 Goto Github PK

cve-2020-0041's Introduction

CVE-2020-0041

cve-2020-0041's People

Contributors

Stargazers

Watchers

Forkers

cve-2020-0041's Issues

Recommend Projects

Recommend Topics

Recommend Org