android trickery exploit for root

This is a discussion on android trickery exploit for root within the Motorola Backflip Development & Hacking forums, part of the Motorola Backflip category.


  1. #21
    turnyourbackandrun (Junior Member)
    Join Date: May 2010
    Posts: 18
    I'm gonna try compiling this as well... although I have yet to set up a build environment for C applications... I'm learning as I go. I have Eclipse, the SDK, and the ADT plugin for Eclipse, but it looks like I also need the NDK to compile C code. I'm working in a Windows environment, although I might switch to Linux if it seems like it's gonna be easier.

    weasel, do you mind posting a quick guide on how you set up your build environment? I've looked at so many different guides, I don't know what I'm following anymore lol.

    edit: nevermind, weasel... I was able to successfully get a build environment set up. For anyone on Windows, all you need to do to compile simple C programs is install Cygwin (selecting the make package) and download the Android NDK from http://developer.android.com/sdk/ndk/index.html. To build a simple C application, first add the NDK to your path by entering the following command in a Cygwin shell:

    export PATH=$PATH:<NDK>

    where <NDK> is the path where you extracted the NDK. Create the following files and folders to set up your project, where <PROJECT> is the path to your project:

    <PROJECT>/jni
    <PROJECT>/jni/project.c
    <PROJECT>/jni/Android.mk


    project.c is the program you want to run. Android.mk is the makefile. A simple makefile, taken from one of the demos, looks like this:

    LOCAL_PATH := $(call my-dir)

    include $(CLEAR_VARS)

    LOCAL_MODULE := project
    LOCAL_SRC_FILES := project.c

    include $(BUILD_EXECUTABLE)

    Then, using Cygwin, just cd to <PROJECT> and run the command ndk-build. The binary will be <PROJECT>/libs/armeabi/project. You can then adb push it to either /sqlite_stmt_journals or /data/local/tmp. Then I had to chmod the file to 0777 to get it to execute.

    This may seem like an unnecessary guide, and I'm sure I'm over-simplifying the process, but I wish I had found a simple guide like that a long time ago. Hopefully it will help someone.

    With that said, I have no idea how to attempt this exploit on anything other than /etc/firmware (thought it might be as simple as changing a path in the code... thought wrong). I'm sure I'm exposing myself for the n00b that I am, but hey... I'm trying.

  2. #22
    Joe Coolcool (Senior Member)
    Join Date: Apr 2010
    Posts: 408
    It helped me.
    Credit goes to ee0r.com for my avatar.

  3. #23
    jmgib (Senior Member)
    Join Date: Mar 2010
    Location: Kentucky
    Posts: 1,350
    Not sure if it will help, but Motorola offers a developer suite. You can get it for free at Motodev. Just need to register.
    Avatar courtesy of Elliott C. 'Eeyore' Evans

  4. #24
    rengreco (Junior Member)
    Join Date: May 2010
    Posts: 17
    /sys/firmware? Just digging around the FS.

  5. #25
    weasel5i2 (Member)
    Join Date: May 2010
    Location: Austin, TX
    Posts: 87
    Sorry to disappoint you guys, but neither the Eclipse IDE nor the MotoDev stuff includes anything for compiling binaries to run natively under the kernel environment. The closest you can get is with the NDK for "native" code, but from what I've observed, that is still within the confines of the Dalvik VM. Both the MotoDev and Eclipse methods are intended for application development, which unfortunately will not help us r00t since Dalvik won't allow it.

    The best way to go about compiling native ARM binaries which will run in the shell (and I have successfully done this in the past, but since then I've reinstalled my netbook and lost everything I had done, which sucks because now I must basically re-learn it again. However, it was easy to figure out, especially if you're familiar with command-line compiling in Linux.)

    Here are some starting points I used:


    Hope this helps!

    --W5i2

  6. #26
    jmgib (Senior Member)
    Join Date: Mar 2010
    Location: Kentucky
    Posts: 1,350
    Honestly, I didn't know if the Motodev Studio allowed compiling NDK or not, just thought I'd mention it in case that it would.
    Avatar courtesy of Elliott C. 'Eeyore' Evans

  7. #27
    turnyourbackandrun (Junior Member)
    Join Date: May 2010
    Posts: 18
    The method I gave above will compile a C binary which can be run directly from adb shell or a terminal emulator. I've tested it with a simple hello world program successfully. As far as the confines of Dalvik VM, isn't that assuming you're using the Dalvik VM to run Dalvik bytecode? The binaries compiled with that method run on their own; they're not called by a Java class or packaged inside an apk.

  8. #28
    gir489 (Member)
    Join Date: Jul 2010
    Posts: 44
    Did anyone get a working compile?

    I've been too busy with StarCraft II to care about working on my Backflip.

  9. #29
    Joe Coolcool (Senior Member)
    Join Date: Apr 2010
    Posts: 408
    No.


    Got Starcraft 2 eh? I assume it's as good as they say.
    Credit goes to ee0r.com for my avatar.

  10. #30
    weasel5i2 (Member)
    Join Date: May 2010
    Location: Austin, TX
    Posts: 87
    OK, I installed the CodeSourcery toolchain as described here and managed to successfully compile exploid.c, changing the SUBSYSTEM in the source to also attempt the exploit via block, char, graphics, mtd, sound, and usb (since the Backflip apparently lacks the firmware subsystem).

    I haven't had a chance to test these yet. I ran one on the Linux netbook and it ran natively, which makes me suspicious that these binaries are not ARM compiled for some reason, but I guess I'll find out here in a little while once my Backflip charges up enough to let me switch it on and test these out. Unless someone else wants to try them.

    The rootshell password is "t0asty" (without quotes).

    These binaries are statically linked.

    *EDIT* - doesn't seem that they compiled/linked properly - I try running them on the handset and it says "not found". Trying to recompile them...

    *EDIT #2* - Apparently I forgot to actually link them statically. It's done now, but the resulting attachment size exceeds what is allowed by this forum, so I put them here instead.

    --W5i2
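
Post #30 reports two build symptoms: a cross-compiled binary that ran on the Linux netbook, and "not found" on the handset until the binaries were linked statically. The following is an added example, not code from the thread: it reads the ELF header fields that separate those cases (e_machine for the target CPU, a PT_INTERP program header for dynamic linking). The function names are hypothetical and the sample images are constructed in the code.

```c
/* Added example: classify a 32-bit little-endian ELF image by CPU and linkage. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { EM_386 = 3, EM_ARM = 40, PT_LOAD = 1, PT_INTERP = 3 };
enum verdict { NOT_ELF32 = -1, WRONG_ARCH = 0, ARM_DYNAMIC = 1, ARM_STATIC = 2 };

static uint32_t rd16(const uint8_t *p) { return p[0] | (uint32_t)p[1] << 8; }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | rd16(p + 2) << 16; }

enum verdict classify_elf(const uint8_t *b, size_t n)
{
    /* e_ident: magic, EI_CLASS = ELFCLASS32 (1), EI_DATA = little-endian (1) */
    if (n < 52 || memcmp(b, "\x7f" "ELF", 4) != 0 || b[4] != 1 || b[5] != 1)
        return NOT_ELF32;
    if (rd16(b + 18) != EM_ARM)              /* e_machine: not built for ARM */
        return WRONG_ARCH;
    uint64_t phoff = rd32(b + 28);           /* e_phoff */
    uint64_t phentsize = rd16(b + 42), phnum = rd16(b + 44);
    for (uint64_t i = 0; i < phnum; i++) {
        uint64_t off = phoff + i * phentsize;
        if (phentsize < 32 || off > n || n - off < 32)
            return NOT_ELF32;                /* truncated program header table */
        if (rd32(b + off) == PT_INTERP)      /* names a loader the device must have */
            return ARM_DYNAMIC;
    }
    return ARM_STATIC;
}

/* Constructed sample: ELF32 header followed by a single program header. */
size_t make_sample(uint8_t *b, uint8_t machine, uint8_t p_type)
{
    memset(b, 0, 84);
    memcpy(b, "\x7f" "ELF\x01\x01\x01", 7);
    b[16] = 2;                               /* e_type = ET_EXEC */
    b[18] = machine;                         /* e_machine (low byte) */
    b[28] = 52; b[42] = 32; b[44] = 1;       /* e_phoff, e_phentsize, e_phnum */
    b[52] = p_type;                          /* p_type of the only segment */
    return 84;
}

int main(void)
{
    uint8_t img[84];
    printf("x86 build:   %d\n", classify_elf(img, make_sample(img, EM_386, PT_LOAD)));
    printf("ARM dynamic: %d\n", classify_elf(img, make_sample(img, EM_ARM, PT_INTERP)));
    printf("ARM static:  %d\n", classify_elf(img, make_sample(img, EM_ARM, PT_LOAD)));
    return 0;
}
```

The same fields are what `file` and `readelf -h -l` report for a binary on disk.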
