CVE-2015-6639 PoC — Android Widevine QSEE TrustZone应用程序安全漏洞

Source

https://github.com/laginimaineb/ExtractKeyMaster

Associated Vulnerability

Title:Android Widevine QSEE TrustZone应用程序安全漏洞 (CVE-2015-6639)
Description:Android是美国谷歌（Google）公司和开放手持设备联盟（简称OHA）共同开发的一套以Linux为基础的开源操作系统。 Android 5.1.1 LMY49F之前5.x版本和2016-01-01之前6.0版本的Widevine QSEE TrustZone应用程序中存在安全漏洞。攻击者可借助拥有QSEECOM驱动访问权限的应用程序利用该漏洞获取权限。

Description

Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431

Readme

# ExtractKeyMaster
Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431

File Snapshot


 [4.0K]  /data/pocs/0a019c33854721e84cf9335353d33283c3754e77
├── [4.0K]  jni
│   ├── [ 284]  Android.mk
│   ├── [  27]  Application.mk
│   ├── [ 150]  build_shellcode.sh
│   ├── [1.7K]  defs.h
│   ├── [ 12K]  exploit_utilities.c
│   ├── [4.7K]  exploit_utilities.h
│   ├── [3.1K]  keymaster_commands.c
│   ├── [1.4K]  keymaster_commands.h
│   ├── [2.4K]  keymaster_common.h
│   ├── [6.1K]  keymaster_qcom.h
│   ├── [ 15K]  LICENSE
│   ├── [3.7K]  main.c
│   ├── [4.0K]  QSEEComAPI.c
│   ├── [ 12K]  QSEEComAPI.h
│   ├── [ 412]  qsee_syscalls.h
│   ├── [ 272]  shellcode.S
│   ├── [6.2K]  symbols.h
│   ├── [7.9K]  tzbsp_exploit.c
│   ├── [2.9K]  tzbsp_exploit.h
│   ├── [1.4K]  tzbsp_symbols.h
│   ├── [2.1K]  vuln.c
│   ├── [ 529]  vuln.h
│   ├── [4.4K]  widevine_commands.c
│   └── [2.5K]  widevine_commands.h
└── [ 105]  README.md

1 directory, 25 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!