michalbednarski / ReparcelBug2
Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`/`createFromParcel` serialization mismatch in `OutputConfiguration`
☆109Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for ReparcelBug2
- Writeup and exploit for CVE-2023-45777, bypass for Intent validation inside AccountManagerService on Android 13 despite "Lazy Bundle" mit…☆80Updated 9 months ago
- Exploit for CVE-2022-20452, privilege escalation on Android from installed app to system app (or another app) via LazyValue using Parcel …☆278Updated last year
- ☆67Updated 3 years ago
- ☆107Updated last year
- CVE-2023-20963 PoC (Android WorkSource parcel/unparcel logic mismatch)☆51Updated 6 months ago
- Bad Spin: Android Binder Privilege Escalation Exploit (CVE-2022-20421)☆231Updated last year
- Collections of my POCs for android vendor CVEs☆257Updated last year
- Android kernel exploitation for CVE-2022-20409☆160Updated 3 weeks ago
- Files used to resolve the r2pay challenge☆47Updated 4 years ago
- Triggering and Analyzing Android Kernel Vulnerability CVE-2019-2215☆55Updated 2 years ago
- you can use frida in jeb !☆46Updated 2 years ago
- Proof-of-concept code for Android APEX key reuse vulnerability☆81Updated 9 months ago
- PoC Frida script to view Android libbinder traffic☆132Updated 3 months ago
- PoC for CVE-2021-39749, allowing starting arbitrary Activity on Android 12L Beta☆19Updated 2 years ago
- AERoot is a command line tool that allows you to give root privileges on-the-fly to any process running on the Android emulator with Goog…☆196Updated last year
- Android Root Zap Framework, Lazy and Powerful :)☆50Updated last year
- Plugins for reversing android apps in JEB☆63Updated last month
- jni.h compiled for Ghidra☆68Updated 4 years ago
- A portable utility to locate android binder service☆89Updated 5 years ago
- Katalina is like Unicorn but for Dalvik bytecode. It provides an environment that can execute Android bytecode one instruction at a time.☆136Updated 10 months ago
- CVE-2017-0806 PoC (Android GateKeeperResponse writeToParcel/createFromParcel mismatch)☆22Updated 6 years ago
- Automated Frida hook generation with JEB☆141Updated last year
- A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)☆116Updated 3 years ago
- ☆87Updated 2 years ago
- Files related to the Pwn2Own Toronto 2023 exploit against the Xiaomi 13 Pro.☆10Updated 3 weeks ago
- A black-box fuzzer to detect custom permission related privilege escalation vulnerabilities in Android.☆31Updated 2 years ago
- ☆12Updated 2 years ago
- Generate Frida hooks directly from JEB!☆75Updated last year