CVE-2024-0044 PoC — Google Android 安全漏洞

Source

Associated Vulnerability

Description

CVE-2024-0044

Readme

![python-static-badge](https://img.shields.io/badge/Python-blue?logo=python&logoColor=white)
![android-static-badge](https://img.shields.io/badge/Android-blue?logo=android&logoColor=white)

# CVE-2024-0044

- [CVE-2024-0044](https://nvd.nist.gov/vuln/detail/CVE-2024-0044) allows a "run-as" attack to be performed, resulting in a local escalation of privileges. This enables an attacker to access private files stored locally by any application on the mobile device, compromising the security guarantees provided by the "Application Sandbox".
- Requires ADB shell access and developer mode enabled on the mobile device.
- Affects Android versions 12, 12L, 13, and 14*.
- Discovered and disclosed by [Meta Red Team X](https://rtx.meta.security/exploitation/2024/03/04/Android-run-as-forgery.html) in March 2024.
- Security patch released by Google in the [Android security bulletin of March 2024](https://source.android.com/docs/security/bulletin/2024-03-01).

# Usage

```
python cve_2024_0044.py -p target.package.name -a any-app.apk
```
![cve-2024-0044](cve-2024-0044.gif)

> [!TIP]
> For the `any-app.apk` file, any mobile application can be used, such as [F-Droid](https://f-droid.org/), for example.

File Snapshot

 [4.0K]  /data/pocs/31778a4e7bf3980e6e6dc68534dcd7618d8d47b1
├── [380K]  cve-2024-0044.gif
├── [6.7K]  cve_2024_0044.py
└── [1.2K]  README.md

0 directories, 3 files

Remarks