First, on your phone, install a terminal emulator from the Android Market, then run

Which will show you the detailed processor information of your phone (ARM5 in my case).

Afterwards, you need to install an ARM5 cross-compiler environment on your Linux box (download Ubuntu and VirtualBox if you are a Windows/Mac-freak and don't have a Linux box), in order to compile native code for your phone. You do this in order to be able to start a privilege escalation attack ON YOUR PHONE.

So, next, you need to cross-compile a privilege-escalation attack for ARM5 (HTC Hero microprocessor). For that, use the RageAgainstTheCage attack made by Sebastian Krahmer of Suse Linux Berlin (in binary only), reverse-engineered here:

Download the Android SDK starter kit from Google. Install the appropriate Android Platform SDK (version 2.1 for me). Then, download the superuser (su) package:

Put everything (the superuser package, the su program, and the RageAgainstTheCage exploit) in the same folder as adb (a program from the Android SDK for connecting to your Android phone). You need to enable USB debugging and switch off internet sharing.

Next, you transmit the file rageagainstthecage.bin to the folder /data/local/tmp on your phone (initially, as a normal user, you have write access only to the sdcard and the temp folder, but this is sufficient):

adb push rageagainstthecage.bin /data/local/tmp/

Then you start a shell on your phone:

adb shell

And change the permissions on rageagainstthecage.bin so that everyone can execute it:

chmod 755 /data/local/tmp/rageagainstthecage.bin

Next, you start rageagainstthecage on your phone as a normal user:

/data/local/tmp/rageagainstthecage

When the exploit has finished, your adb connection should terminate. Now connect again to your phone:

adb shell

The adb shell now runs with escalated privileges (root).

So now, remount the file system so you can write to the system partition:

mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system

Now push su and superuser to your phone (remember, you have write access now):

adb push su /system/xbin/

And then change the permissions on su so that it is setuid and executable for everyone:

adb shell chmod 4755 /system/xbin/su

Next, download and install one of all those free tether apps that require you to root your phone. A popup will appear, which will ask you whether you want to grant this app root access.

When it has restarted, everything is back to normal, no more root privileges. But su is still there and executable for everyone.

So, when logged in, start the wifi tether app.
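The procedure leaves a setuid su (mode 4755) in /system/xbin that stays executable for everyone after the root shell is gone. As an added example (not part of the original post), this shell function scans a saved ls -l listing, such as one taken with adb shell ls -l /system/xbin, for exactly that state; the sample listing is constructed, and the two column layouts it accepts and the absence of spaces in file names are assumptions.

```shell
#!/bin/sh
# Added example: flag setuid files that any user can execute in an "ls -l"
# listing read from stdin. Assumed layouts (not taken from the post):
#   mode owner group ...        and        mode links owner group ...
# File names are assumed to contain no spaces.
find_world_setuid() {
    awk '
    # Regular files only: "-" plus nine permission characters,
    # optionally followed by an ACL/label marker ("." or "+").
    $1 ~ /^-.........[.+]?$/ {
        u = substr($1, 4, 1)     # owner execute slot: s or S means setuid
        o = substr($1, 10, 1)    # others execute slot: x or t means executable
        if (u != "s" && u != "S") next
        if (o != "x" && o != "t") next
        # Skip the link-count column when the listing has one.
        owner = ($2 ~ /^[0-9]+$/) ? $3 : $2
        # "S" still switches identity for every other user who runs the file.
        note = (u == "S") ? " (setuid without owner execute)" : ""
        printf "%s owner=%s mode=%s%s\n", $NF, owner, $1, note
    }'
}

# Constructed sample listing (not captured from a real device).
sample_listing() {
    cat <<'EOF'
-rwxr-xr-x root     shell       5392 2010-06-01 10:00 dexdump
-rwsr-xr-x root     root       26264 2010-09-10 12:00 su
lrwxrwxrwx root     shell            2010-06-01 10:00 sh -> mksh
-rwsr-x--- root     shell      18000 2010-06-01 10:00 helper
-rwSr--r-x 1 root root 900 2010-06-01 10:00 odd
EOF
}

# Audit the file given as the first argument, or the sample when none is given.
if [ -n "${1:-}" ]; then
    find_world_setuid < "$1"
else
    sample_listing | find_world_setuid
fi
```

Any line it prints for a file you did not deliberately install as setuid is worth investigating; on the sample it reports su and odd, and skips helper because others cannot execute it.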