CVE-2016-2431 PoC — Android Qualcomm TrustZone Permissions, Privileges, and Access Control Vulnerability

Source
Associated Vulnerability
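Title: Android Qualcomm TrustZone Permissions, Privileges, and Access Control Vulnerability (CVE-2016-2431)
Description: Android is a Linux-based open-source operating system jointly developed by Google (USA) and the Open Handset Alliance (OHA). Qualcomm TrustZone is a system-wide security technology within it. A privilege escalation vulnerability exists in Qualcomm TrustZone in Android versions before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices. An attacker can exploit this vulnerability through a malicious application to gain privileges.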
Description
Qualcomm TrustZone kernel privilege escalation
Readme
# cve-2016-2431
Qualcomm TrustZone kernel privilege escalation
File Snapshot

[4.0K]  /data/pocs/199862da95269180905e5b05267ace6ec5c63a0c
├── [4.0K]  jni
│   ├── [ 250]  Android.mk
│   ├── [  27]  Application.mk
│   ├── [ 150]  build_shellcode.sh
│   ├── [1.2K]  defs.h
│   ├── [ 12K]  exploit_utilities.c
│   ├── [4.7K]  exploit_utilities.h
│   ├── [1.7K]  main.c
│   ├── [2.0K]  QSEEComAPI.c
│   ├── [ 11K]  QSEEComAPI.h
│   ├── [ 140]  qsee_syscalls.h
│   ├── [  48]  shellcode.S
│   ├── [5.7K]  symbols.h
│   ├── [7.9K]  tzbsp_exploit.c
│   ├── [2.9K]  tzbsp_exploit.h
│   ├── [1.4K]  tzbsp_symbols.h
│   ├── [2.1K]  vuln.c
│   ├── [ 529]  vuln.h
│   ├── [4.4K]  widevine_commands.c
│   └── [2.5K]  widevine_commands.h
├── [ 15K]  LICENSE
└── [  63]  README.md

1 directory, 21 files