CVE-2012-4220 PoC — Android Qualcomm Innovation Center Security Vulnerability

Source
Associated Vulnerability
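Title: Android Qualcomm Innovation Center Security Vulnerability (CVE-2012-4220)
Description: Google Chrome is a web browser developed by Google. Android is a Linux-based open-source operating system jointly developed by Google and the Open Handset Alliance (OHA). A vulnerability exists in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver in Android 2.3 through 4.2. A remote attacker can exploit this vulnerability, through an application that uses crafted arguments in a diagchar_ioctl call, to execute arbitrary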
Description
exploit for CVE-2012-4220 working on zte-open
Readme
root-zte-open
=============

exploit for CVE-2012-4220 working on zte-open

Original Advisory: https://www.codeaurora.org/projects/security-advisories/multiple-issues-diagkgsl-system-call-handling-cve-2012-4220-cve-2012
Original Exploit: https://github.com/hiikezoe/break_setresuid

## Build
    $ ndk-build NDK_PROJECT_PATH=. APP_BUILD_SCRIPT=./Android.mk
File Snapshot

    [4.0K] /data/pocs/8339174d3f5fee9a11d13f7b8bddd50f3ac901d2
    ├── [ 269] Android.mk
    ├── [4.0K] libdiagexploit
    │   ├── [ 186] Android.mk
    │   ├── [6.0K] diag.c
    │   └── [1.2K] diag.h
    ├── [4.9K] main.c
    ├── [ 357] README.md
    └── [ 34K] su.h

    1 directory, 7 files