Skip to content
Please note that GitHub no longer supports Internet Explorer.

We recommend upgrading to the latest Microsoft Edge, Google Chrome, or Firefox.

Learn more
Pixel bootlaoder exploit for reading flash storage
Java
Branch: master
Clone or download
Cannot retrieve the latest commit at this time.
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
.gitignore
LICENSE
README.md

README.md

PixelDump - CVE-2016-8462

PixelDump (CVE-2016-8462) was one of Pixel bootloader vulnerabilities found/worked out by beaups and Jon 'jcase' Sawyer.

Disclaimer

This is a dirty POC that was never intended to be released, I just copied another project, spent a few minutes adding a few lines, and sent it to Google to boost our bounty reward amount. Lame yes. Working(ish) yes.

Let me repeat, this is AWFUL code. Do not actually assume you can use this for anything.

Details

This vulnerability allows you to effectively 'read' data off the device while in bootloader mode, even with a locked bootloader.

While many people found the vulnerability, we found it first and managed to collect $4000 for it from Google, which we donated to the Clallam County Special Olympics. Vulnerability was also found by the Roee Hay at IBM, he has a write up at https://securityresear.ch/2017/01/04/fastboot-oem-sha1sum/ if you want details. He describes it quite well.

You can’t perform that action at this time.