CVE-2015-6639 PoC — Android Widevine QSEE TrustZone应用程序安全漏洞

Source

https://github.com/laginimaineb/cve-2015-6639

Associated Vulnerability

Title:Android Widevine QSEE TrustZone应用程序安全漏洞 (CVE-2015-6639)
Description:Android是美国谷歌（Google）公司和开放手持设备联盟（简称OHA）共同开发的一套以Linux为基础的开源操作系统。 Android 5.1.1 LMY49F之前5.x版本和2016-01-01之前6.0版本的Widevine QSEE TrustZone应用程序中存在安全漏洞。攻击者可借助拥有QSEECOM驱动访问权限的应用程序利用该漏洞获取权限。

Description

QSEE Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639)

Readme

# cve-2015-6639
QSEE Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639)

File Snapshot


 [4.0K]  /data/pocs/0c4158a4e927d2b30b0f1b97f0f854bbaa06398c
├── [4.0K]  jni
│   ├── [ 234]  Android.mk
│   ├── [  27]  Application.mk
│   ├── [1.4K]  defs.h
│   ├── [ 15K]  exploit_utilities.c
│   ├── [4.1K]  exploit_utilities.h
│   ├── [2.6K]  main.c
│   ├── [2.1K]  QSEEComAPI.c
│   ├── [ 12K]  QSEEComAPI.h
│   ├── [4.6K]  symbols.h
│   ├── [2.2K]  vuln.c
│   ├── [ 529]  vuln.h
│   ├── [5.2K]  widevine_commands.c
│   └── [2.7K]  widevine_commands.h
├── [ 15K]  LICENSE
└── [  89]  README.md

1 directory, 15 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!