CVE-2014-8609 PoC — Android Settings应用程序权限许可和访问控制漏洞

Source

https://github.com/ratiros01/CVE-2014-8609-exploit

Associated Vulnerability

Title:Android Settings应用程序权限许可和访问控制漏洞 (CVE-2014-8609)
Description:Google Chrome是美国谷歌（Google）公司开发的一款Web浏览器。Android是美国谷歌（Google）公司和开放手持设备联盟（简称OHA）共同开发的一套以Linux为基础的开源操作系统。Settings是Android系统中的“设置”应用程序。 Android 5.0.0之前版本的Settings应用程序中的src/com/android/settings/accounts/AddAccountSettings.java文件中的‘addAccount’方法中存在安全漏洞，该漏洞源于程序没

Readme

# CVE-2014-8609-exploit
During the study of pending intent exploitation, I created my PoC application of CVE-2014-8609

Reference: 
1. https://seclists.org/fulldisclosure/2014/Nov/81
2. https://github.com/locisvv/Vulnerable-CVE-2014-8609

File Snapshot


 [4.0K]  /data/pocs/d0a973da65f3f384030fb608d3a32540de1c7c00
├── [4.0K]  app
│   ├── [1.0K]  build.gradle
│   ├── [ 750]  proguard-rules.pro
│   └── [4.0K]  src
│       ├── [4.0K]  androidTest
│       │   └── [4.0K]  java
│       │       └── [4.0K]  com
│       │           └── [4.0K]  example
│       │               └── [4.0K]  cve_2014_8609_exploit
│       │                   └── [ 780]  ExampleInstrumentedTest.java
│       ├── [4.0K]  main
│       │   ├── [1.5K]  AndroidManifest.xml
│       │   ├── [4.0K]  java
│       │   │   └── [4.0K]  com
│       │   │       └── [4.0K]  example
│       │   │           └── [4.0K]  cve_2014_8609_exploit
│       │   │               ├── [3.4K]  AccountAuthenticator.java
│       │   │               ├── [ 560]  AccountAuthenticatorService.java
│       │   │               └── [1.7K]  MainActivity.java
│       │   └── [4.0K]  res
│       │       ├── [4.0K]  drawable
│       │       │   └── [5.5K]  ic_launcher_background.xml
│       │       ├── [4.0K]  drawable-v24
│       │       │   └── [1.7K]  ic_launcher_foreground.xml
│       │       ├── [4.0K]  layout
│       │       │   └── [1.9K]  activity_main.xml
│       │       ├── [4.0K]  mipmap-anydpi-v26
│       │       │   ├── [ 272]  ic_launcher_round.xml
│       │       │   └── [ 272]  ic_launcher.xml
│       │       ├── [4.0K]  mipmap-hdpi
│       │       │   ├── [2.8K]  ic_launcher_round.webp
│       │       │   └── [1.4K]  ic_launcher.webp
│       │       ├── [4.0K]  mipmap-mdpi
│       │       │   ├── [1.7K]  ic_launcher_round.webp
│       │       │   └── [ 982]  ic_launcher.webp
│       │       ├── [4.0K]  mipmap-xhdpi
│       │       │   ├── [3.8K]  ic_launcher_round.webp
│       │       │   └── [1.9K]  ic_launcher.webp
│       │       ├── [4.0K]  mipmap-xxhdpi
│       │       │   ├── [5.8K]  ic_launcher_round.webp
│       │       │   └── [2.8K]  ic_launcher.webp
│       │       ├── [4.0K]  mipmap-xxxhdpi
│       │       │   ├── [7.6K]  ic_launcher_round.webp
│       │       │   └── [3.8K]  ic_launcher.webp
│       │       ├── [4.0K]  values
│       │       │   ├── [ 378]  colors.xml
│       │       │   ├── [  83]  strings.xml
│       │       │   └── [ 840]  themes.xml
│       │       ├── [4.0K]  values-night
│       │       │   └── [ 840]  themes.xml
│       │       └── [4.0K]  xml
│       │           └── [ 264]  authenticator.xml
│       └── [4.0K]  test
│           └── [4.0K]  java
│               └── [4.0K]  com
│                   └── [4.0K]  example
│                       └── [4.0K]  cve_2014_8609_exploit
│                           └── [ 394]  ExampleUnitTest.java
├── [ 291]  build.gradle
├── [4.0K]  gradle
│   └── [4.0K]  wrapper
│       ├── [ 58K]  gradle-wrapper.jar
│       └── [ 230]  gradle-wrapper.properties
├── [1.2K]  gradle.properties
├── [5.6K]  gradlew
├── [2.6K]  gradlew.bat
├── [ 238]  README.md
└── [ 338]  settings.gradle

32 directories, 36 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!