Security/B2G/RootingTools: Difference between revisions
Jump to navigation
Jump to search
(new) |
m (→Objective) |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
= Objective = | = Objective = | ||
This is just a collection of Android rooting tools. They are tailored for Android, but might help evaluate FxOS security in the long run. | |||
= Criteria list = | = Criteria list = | ||
Each tool is evaluated by a set of criteria chosen to provide a quick overview of the tool's capabilities and opportunities for integration into existing environments. | Each tool is evaluated by a set of criteria chosen to provide a quick overview of the tool's capabilities and opportunities for integration into existing environments. | ||
| Line 23: | Line 24: | ||
= Links to check out = | = Links to check out = | ||
* [ ] https://github.com/android-rooting-tools | * [X] https://github.com/android-rooting-tools | ||
* [ ] [http://www.cvedetails.com/vulnerability-list/vendor_id-1224/product_id-19997/Google-Android.html List of Android vulnerabilities] | |||
= Projects = | = Projects = | ||
== Android Rooting Tools == | == Android Rooting Tools == | ||
=== Summary === | === Summary === | ||
Collection of local Android root exploits and tools to engineer them. Exploit parameters (memory locations etc.) are collected in a per-device database. | Collection of local Android root exploits and tools to engineer, port, and maintain them. Exploit parameters (memory locations etc.) are collected in a per-device database. | ||
=== Criteria === | === Criteria === | ||
{| | {| | ||
| Line 38: | Line 42: | ||
| Programming language || C, sql, ARM ELF binaries | | Programming language || C, sql, ARM ELF binaries | ||
|- | |- | ||
| License || none | | License || partly none, partly GPL3 | ||
|- | |- | ||
| Operating system || prevalently Android NDK | | Operating system || prevalently Android NDK, some host-side maintenance code in C | ||
|- | |- | ||
| Current version || (git: 2014-01-27) | | Current version || (git: 2014-01-27) | ||
| Line 47: | Line 51: | ||
|} | |} | ||
=== Features === | === Features === | ||
The Android Rooting Tools project is actively maintained. Work on the github repository is seeing ongoing and frequent contributions by several github users, so chances are high that the project will not be abandoned soon. | |||
Its device database currently lists 186 devices, but at this point it's unclear whether this means that there's a working exploit for all of them. | |||
The list of attempted exploits is: | |||
* acdb [https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-acdb-audio-driver-cve-2013-2597 CVE-2013-2597] | |||
* TI OMAP2 hdcp_mmap video driver | |||
* msm_cameraconfig [http://www.cvedetails.com/cve/CVE-2013-6123/ CVE-2013-6123] | |||
* put_user [http://www.cvedetails.com/cve/CVE-2013-2094/CVE-2013-6282/ CVE-2013-6282] | |||
* fb_mem [http://www.cvedetails.com/cve/CVE-2013-2596/ CVE-2013-2596] | |||
* libperf swevent [http://www.cvedetails.com/cve/CVE-2013-2094/ CVE-2013-2094] | |||
* diag_exploit [http://www.cvedetails.com/cve/CVE-2012-4221/ CVE-2012-4221] | |||
=== Links === | === Links === | ||
Latest revision as of 22:51, 4 February 2014
Objective
This is just a collection of Android rooting tools. They are tailored for Android, but might help evaluate FxOS security in the long run.
Criteria list
Each tool is evaluated by a set of criteria chosen to provide a quick overview of the tool's capabilities and opportunities for integration into existing environments.
| Homepage | |
| Code | |
| Target user group | |
| Programming language | |
| License | |
| Operating system | |
| Current version | |
| Interface |
Links to check out
Projects
Android Rooting Tools
Summary
Collection of local Android root exploits and tools to engineer, port, and maintain them. Exploit parameters (memory locations etc.) are collected in a per-device database.
Criteria
| Homepage | https://github.com/android-rooting-tools |
| Code | https://github.com/android-rooting-tools |
| Target user group | rooters, pentesters |
| Programming language | C, sql, ARM ELF binaries |
| License | partly none, partly GPL3 |
| Operating system | prevalently Android NDK, some host-side maintenance code in C |
| Current version | (git: 2014-01-27) |
| Interface | Shell |
Features
The Android Rooting Tools project is actively maintained. Work on the github repository is seeing ongoing and frequent contributions by several github users, so chances are high that the project will not be abandoned soon.
Its device database currently lists 186 devices, but at this point it's unclear whether this means that there's a working exploit for all of them.
The list of attempted exploits is:
- acdb CVE-2013-2597
- TI OMAP2 hdcp_mmap video driver
- msm_cameraconfig CVE-2013-6123
- put_user CVE-2013-6282
- fb_mem CVE-2013-2596
- libperf swevent CVE-2013-2094
- diag_exploit CVE-2012-4221