CVE-2017-0806 PoC — Android Framework (gatekeeperresponse) Permissions, Privileges and Access Control Vulnerability

Source
Associated Vulnerability
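Title: Android Framework (gatekeeperresponse) Permissions, Privileges and Access Control Vulnerability (CVE-2017-0806)
Description: Android is a Linux-based open-source operating system jointly developed by Google (USA) and the Open Handset Alliance (OHA). Framework (gatekeeperresponse) is a multimedia development framework within it. An elevation-of-privilege vulnerability exists in Framework (gatekeeperresponse) in Android. A remote attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized operations. The following versions are affected: Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 and 8.0.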
Description
CVE-2017-0806 PoC (Android GateKeeperResponse writeToParcel/createFromParcel mismatch)
Readme
# Android writeToParcel/createFromParcel mismatch bug PoC
See https://github.com/michalbednarski/IntentsLab/issues/2#issuecomment-344365482 for description of bug.

This repository contains a PoC for [CVE-2017-0806](https://source.android.com/security/bulletin/2017-10-01#framework), which is a mismatch in the `GateKeeperResponse` class.
File Snapshot

[4.0K] /data/pocs/1731d53a37c70b1d42e4ad56f1f854199ebd489e
├── [4.0K] app
│   ├── [ 540] build.gradle
│   ├── [ 922] proguard-rules.pro
│   └── [4.0K] src
│       └── [4.0K] main
│           ├── [1.1K] AndroidManifest.xml
│           ├── [4.0K] assets
│           │   └── [4.5M] ApiDemos.apk
│           ├── [4.0K] java
│           │   └── [4.0K] com
│           │       └── [4.0K] example
│           │           └── [4.0K] ambigousbundle3
│           │               ├── [5.1K] Ambiguator.java
│           │               ├── [2.3K] AuthService.java
│           │               └── [4.8K] MainActivity.java
│           └── [4.0K] res
│               ├── [4.0K] layout
│               │   └── [1.3K] activity_main.xml
│               ├── [4.0K] mipmap-hdpi
│               │   ├── [3.3K] ic_launcher.png
│               │   └── [4.1K] ic_launcher_round.png
│               ├── [4.0K] mipmap-mdpi
│               │   ├── [2.2K] ic_launcher.png
│               │   └── [2.5K] ic_launcher_round.png
│               ├── [4.0K] mipmap-xhdpi
│               │   ├── [4.7K] ic_launcher.png
│               │   └── [6.0K] ic_launcher_round.png
│               ├── [4.0K] mipmap-xxhdpi
│               │   ├── [7.5K] ic_launcher.png
│               │   └── [9.8K] ic_launcher_round.png
│               ├── [4.0K] mipmap-xxxhdpi
│               │   ├── [ 10K] ic_launcher.png
│               │   └── [ 14K] ic_launcher_round.png
│               ├── [4.0K] values
│               │   └── [1.3K] strings.xml
│               └── [4.0K] xml
│                   └── [ 222] authenticator.xml
├── [ 515] build.gradle
├── [4.0K] gradle
│   └── [4.0K] wrapper
│       ├── [ 52K] gradle-wrapper.jar
│       └── [ 231] gradle-wrapper.properties
├── [ 730] gradle.properties
├── [4.9K] gradlew
├── [2.3K] gradlew.bat
├── [ 332] README.md
└── [ 15] settings.gradle

19 directories, 28 files