CVE-2020-0001 PoC — Android Framework 安全漏洞

Source

https://github.com/Zachinio/CVE-2020-0001

Associated Vulnerability

Title:Android Framework 安全漏洞 (CVE-2020-0001)
Description:Android是美国谷歌（Google）和开放手持设备联盟（简称OHA）的一套以Linux为基础的开源操作系统。Framework是其中的一个Android框架组件。 Android中的Framework存在提权漏洞。攻击者可利用该漏洞提升权限。以下产品及版本受到影响：Android 10版本，8.0版本，8.1版本，9版本

Description

POC to run system component in an untrusted-app process

Readme


# CVE-2020-0001
POC to run system component in an untrusted-app process

# Blog
https://zachinio.com/blogs/cve-2020-0001

# How to use
Run the app, make sure the process "com.android.settings" does not exist, and click the "start service" button.
Launch the settings app or wait for a system component to launch it for you.

File Snapshot


 [4.0K]  /data/pocs/63116ed5394ca4f14334db6caad0bef5bc1b27eb
├── [4.0K]  CVE-2020-0001
│   ├── [4.0K]  app
│   │   ├── [1.0K]  build.gradle
│   │   ├── [ 750]  proguard-rules.pro
│   │   └── [4.0K]  src
│   │       └── [4.0K]  main
│   │           ├── [ 998]  AndroidManifest.xml
│   │           ├── [4.0K]  java
│   │           │   └── [4.0K]  zachinio
│   │           │       └── [4.0K]  cve
│   │           │           └── [4.0K]  example
│   │           │               ├── [1.2K]  IsolatedService.java
│   │           │               └── [1.2K]  MainActivity.java
│   │           └── [4.0K]  res
│   │               ├── [4.0K]  drawable
│   │               │   └── [5.5K]  ic_launcher_background.xml
│   │               ├── [4.0K]  drawable-v24
│   │               │   └── [1.7K]  ic_launcher_foreground.xml
│   │               ├── [4.0K]  layout
│   │               │   └── [ 805]  activity_main.xml
│   │               ├── [4.0K]  mipmap-anydpi-v26
│   │               │   ├── [ 272]  ic_launcher_round.xml
│   │               │   └── [ 272]  ic_launcher.xml
│   │               ├── [4.0K]  mipmap-hdpi
│   │               │   ├── [3.5K]  ic_launcher.png
│   │               │   └── [5.2K]  ic_launcher_round.png
│   │               ├── [4.0K]  mipmap-mdpi
│   │               │   ├── [2.6K]  ic_launcher.png
│   │               │   └── [3.3K]  ic_launcher_round.png
│   │               ├── [4.0K]  mipmap-xhdpi
│   │               │   ├── [4.8K]  ic_launcher.png
│   │               │   └── [7.3K]  ic_launcher_round.png
│   │               ├── [4.0K]  mipmap-xxhdpi
│   │               │   ├── [7.7K]  ic_launcher.png
│   │               │   └── [ 12K]  ic_launcher_round.png
│   │               ├── [4.0K]  mipmap-xxxhdpi
│   │               │   ├── [ 10K]  ic_launcher.png
│   │               │   └── [ 16K]  ic_launcher_round.png
│   │               ├── [4.0K]  values
│   │               │   ├── [ 378]  colors.xml
│   │               │   ├── [  75]  strings.xml
│   │               │   └── [ 835]  themes.xml
│   │               └── [4.0K]  values-night
│   │                   └── [ 835]  themes.xml
│   ├── [ 530]  build.gradle
│   ├── [4.0K]  gradle
│   │   └── [4.0K]  wrapper
│   │       ├── [ 53K]  gradle-wrapper.jar
│   │       └── [ 230]  gradle-wrapper.properties
│   ├── [1.1K]  gradle.properties
│   ├── [5.2K]  gradlew
│   ├── [2.2K]  gradlew.bat
│   └── [  50]  settings.gradle
├── [1.0K]  LICENSE
├── [ 328]  README.md
└── [2.2K]  script.js

22 directories, 34 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!