CVE-2024-0044 PoC — Google Android Security Vulnerability

Source
Associated Vulnerability
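Title: Google Android Security Vulnerability (CVE-2024-0044)
Description: Google Android is a Linux-based open-source operating system from Google (USA). Google Android contains a security vulnerability that stems from improper input validation in the createSessionInternal method of PackageInstallerService.java, which may allow running as any application.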
Description
A vulnerability affecting Android versions 12 & 13
Readme
# CVE-2024-0044

## Overview

**CVE-2024-0044** is a vulnerability discovered in certain Android applications that allows attackers to escalate privileges by exploiting a flaw in the `run-as` command. This vulnerability can be exploited by crafting a specific payload that grants unauthorized access to application data directories, which should otherwise be inaccessible to the attacker.


## Script Overview

This Bash script automates the exploitation of CVE-2024-0044 by pushing a malicious APK to the target device, extracting the necessary UID, generating a payload, and guiding the user through executing the required commands in an `adb` shell.

### Features

- **APK Push**: The script pushes a specified APK to the target device.
- **UID Extraction**: It extracts the UID of the target application.
- **Payload Generation**: Generates a payload designed to exploit the vulnerability.
- **Interactive Execution**: Prompts the user for input at key steps to guide them through the exploitation process.


### Prerequisites

- **ADB (Android Debug Bridge)**: Ensure that `adb` is installed and properly configured on your system.
- **Rooted Android Device**: The target device must be rooted to allow access to the `/data/local/tmp` directory and execution of the `run-as` command.

### Execution

1. **Save the Script**: Save the Bash script as `exploit_cve_2024_0044.sh`.
2. **Make the Script Executable**: Run the following command to make the script executable:
    ```bash
    chmod +x exploit_cve_2024_0044.sh
    ```
3. **Usage**: Run the script with the target package name and the APK path:
    ```bash
    ./exploit_cve_2024_0044.sh -P <package_name> -A <apk_file_path>
    ```
   - **-P**: The package name of the target application.
   - **-A**: The path to the malicious APK file.
File Snapshot

[4.0K] /data/pocs/0c26551c1ab35281845214d805e9b3d6552764c4
├── [4.5K] exploit.sh
└── [1.7K] README.md

0 directories, 2 files