Skip to content
An exploit for SHAREit <= v 4.0.38
Branch: master
Clone or download
Latest commit 3bb2e9b Feb 25, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
assets
static DUMPit exploit Feb 25, 2019
README.md
autopwn.py
exploit.py
server.py

README.md

About

DUMPit is an exploit for SHAREit mobile app abusing two recently discovered vulnerabilities affecting SHAREit Android application <= v 4.0.38. The first one allows an attacker to bypass SHAREit device authentication mechanism, and the other one enables the authenticated attacker to download arbitrary files from the user’s device. Both vulnerabilities were reported to the vendor and patches have been released.

Demo

DUMPit exploit demo

Resources

Usage

To launch the exploit server with GUI (Tested on windows,linux)

python server.py

To launch the autopwn module (Works on linux only)

python autopwn.py

Legal disclaimer

Usage of this tool for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

You can’t perform that action at this time.