ive heard of a few possible exploits being discovered of late but a report i read this morning on an NSO group hack is potentially the most interesting because it lists a selection of phones the exploit has rooted with no special requirements other than an app, and one of those models was the P20, its possible that this could allow us to root/unlock BL/change region without needing to crack devices open. heres some of the info from the article
Quote:
Attackers are exploiting a zeroday vulnerability in Google’s Android mobile operating system that can give them full control of at least 18 different phone models, including four different Pixel models, a member of Google’s Project Zero research group said on Thursday night.
There’s evidence the vulnerability is being actively exploited, either by exploit developer NSO Group or one of its customers, Project Zero member Maddie Stone said in a post. Exploits require little or no customization to fully root vulnerable phones. The vulnerability can be exploited two ways: (1) when a target installs an untrusted app or (2) for online attacks, by combining the exploit with a second exploit targeting a vulnerability in code the Chrome browser uses to render content.
“The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device,” Stone wrote. “If the exploit is delivered via the Web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox.”
A “non-exhaustive list” of vulnerable phones include:
Pixel 1
Pixel 1 XL
Pixel 2
Pixel 2 XL
Huawei P20
Xiaomi Redmi 5A
Xiaomi Redmi Note 5
Xiaomi A1
Oppo A3
Moto Z3
Oreo LG phones
Samsung S7
Samsung S8
Samsung S9
|
with any luck itll also work on some newer devices but even if not it may save the need for removing the back on a few devices
10-04-2019, 09:37
Linear Mode
