p1gl3t/CVE-2015-1474_poc

This code is meant to be a tentative proof of concept (PoC) for CVE-2015-1474. The code is based on the screencap command, but generates a rogue parcel that crashes surfaceflinger when it is deserialized. See more at http://forum.xda-developers.com/kindle-fire-hdx/orig-development/evaluating-cve-2015-1474-to-escalate-to-t3045163.
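For background not stated in this README: the public description of CVE-2015-1474 is that GraphicBuffer::unflatten in Android's native framework trusted sender-supplied counts of ints and file descriptors, and the resulting integer overflows let a malformed parcel corrupt surfaceflinger's memory. The following is an added example, not code from this repository or from AOSP, showing the checks a defender wants in any unflatten-style deserializer: the wire layout (FlatHeader), the bounds kMaxInts and kMaxFds, and the helper names are all assumptions chosen for the illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <limits>
#include <vector>

// Wire layout assumed for this example (not the AOSP layout): a header with two
// sender-controlled counts, followed by numInts 32-bit payload words. File
// descriptors travel out of band, so only their count appears in the bytes.
struct FlatHeader {
    uint32_t numInts;   // number of int32 payload words that follow the header
    uint32_t numFds;    // number of file descriptors the sender claims to attach
};

enum class Unflatten { Ok, TooShort, CountTooLarge, CountOverflow, TooManyFds, FdMismatch };

// Upper bounds chosen for this example; a real deserializer bounds the counts by
// what the object being rebuilt can legitimately carry.
constexpr uint32_t kMaxInts = 64;
constexpr uint32_t kMaxFds = 4;

// Computes a * b into out and returns false if the product does not fit in size_t.
// On a 32-bit target an unchecked numInts * sizeof(int32_t) can wrap to a small
// value, which is exactly what a size comparison must not be fooled by.
static bool checkedMul(size_t a, size_t b, size_t& out) {
    if (a != 0 && b > std::numeric_limits<size_t>::max() / a) return false;
    out = a * b;
    return true;
}

// Validates a flattened blob before copying anything out of it. Every
// sender-controlled count is checked against a hard bound, against overflow,
// and against the bytes and descriptors that were actually received.
Unflatten unflatten(const std::vector<uint8_t>& blob, size_t fdsReceived,
                    std::vector<int32_t>& ints) {
    if (blob.size() < sizeof(FlatHeader)) return Unflatten::TooShort;

    FlatHeader h;
    std::memcpy(&h, blob.data(), sizeof h);

    if (h.numInts > kMaxInts) return Unflatten::CountTooLarge;
    if (h.numFds > kMaxFds) return Unflatten::TooManyFds;

    size_t payloadBytes = 0;
    if (!checkedMul(h.numInts, sizeof(int32_t), payloadBytes)) return Unflatten::CountOverflow;

    // Subtraction is safe here because blob.size() >= sizeof(FlatHeader) was checked above.
    if (payloadBytes > blob.size() - sizeof(FlatHeader)) return Unflatten::TooShort;

    // The descriptor count in the header must match what the transport delivered.
    if (h.numFds != fdsReceived) return Unflatten::FdMismatch;

    ints.resize(h.numInts);
    if (payloadBytes != 0) {
        std::memcpy(ints.data(), blob.data() + sizeof(FlatHeader), payloadBytes);
    }
    return Unflatten::Ok;
}

// Builds a blob from a header and payload (constructed test input, not a real parcel).
std::vector<uint8_t> makeBlob(uint32_t numInts, uint32_t numFds,
                              const std::vector<int32_t>& payload) {
    std::vector<uint8_t> blob(sizeof(FlatHeader));
    FlatHeader h{numInts, numFds};
    std::memcpy(blob.data(), &h, sizeof h);
    const auto* p = reinterpret_cast<const uint8_t*>(payload.data());
    blob.insert(blob.end(), p, p + payload.size() * sizeof(int32_t));
    return blob;
}
```

The point of the ordering is that no allocation or copy happens until every count has been bounded, overflow-checked and compared with what was really received; a header claiming 0xFFFFFFFF ints or more descriptors than arrived is rejected with a specific error rather than reaching memcpy.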

Clone under frameworks/base/cmds/badscreencap and compile with mmm frameworks/base/cmds/badscreencap. To be able to compile, you must change the visibility of BBinder::onTransact to public (in frameworks/native/include/Binder.h). This is required for getting the vtable offset of that method.

You can pull the required .so files from your device (or from an OTA package) if you do not want to build the entire native Android framework.
