I hereby claim:
- I am fuzion24 on github.
- I am fuzion24 (https://keybase.io/fuzion24) on keybase.
- I have a public key whose fingerprint is DCA7 93D3 BA47 EE72 0733 7426 464A 7A0A A335 84D8
To claim this, I am signing this object:
Fuzion24
/ gist:c4bbc8938c197554b62a
Created
August 28, 2015 19:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bitbox ➜ aosp find . -type f -name "*.java" -print0 | xargs -0 -r grep -E --files-with-matches --null -- "(public|private) native" | xargs -0 -r grep -E --files-with-matches -- "implements (Serializable|Parcelable)" | |
| ./frameworks/ml/bordeaux/learning/stochastic_linear_ranker/java/android/bordeaux/learning/StochasticLinearRanker.java | |
| ./frameworks/base/media/java/android/media/MediaPlayer.java | |
| ./frameworks/base/graphics/java/android/graphics/Region.java | |
| ./frameworks/base/core/java/android/view/InputChannel.java | |
| ./frameworks/base/core/java/android/hardware/camera2/impl/CameraMetadataNative.java | |
| ./external/chromium_org/chrome/android/java/src/org/chromium/chrome/browser/ChromeBrowserProvider.java | |
| ./libcore/libart/src/main/java/java/lang/String.java | |
| ./libcore/libart/src/main/java/java/lang/Class.java |
Fuzion24
/ AndroidManifestFuzzer
Created
April 8, 2014 00:59
— forked from k3170makan/AndroidManifestFuzzer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #Basic set up for an Application AndroidManifest Fuzzer | |
| #this requires a preexisting ant buildable application project to be set up! so get the SDK and ant1.8 | |
| #this file reproduces the bug mentioned here http://ibrahimbalic.com/2014/android-os-memory-corruption-bug/ | |
| #NOTE: values from 260000 and up cause SIGSEGvs to be sent to the system_server (test on KitKat 4.4.2) | |
| #NOTE: you should probably monitor $(adb logcat)||(/system/bin/gdbserver) for responsiveness to the issue | |
| APP_PROJ_DIR="..." #<-- PATH TO PROJ DIR | |
| APP_PACKAGE_NAME="..." #<-- PACKAGE NAME | |
| APP_LAUNCH_COMP="..." # <--- MAIN ACTIVITY NAME |
Fuzion24
/ MainActivity.java
Last active
August 29, 2015 14:01
Nexus 5 Local DOS - Reboots Phone with zero permissions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.nexus5.dos; | |
| import android.content.Intent; | |
| import android.support.v7.app.ActionBarActivity; | |
| import android.os.Bundle; | |
| import android.view.Menu; | |
| import android.view.MenuItem; | |
| import android.view.View; | |
| import android.widget.Button; | |
| public class MainActivity extends ActionBarActivity { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <signal.h> | |
| #include <string.h> | |
| /* | |
| CVE-2013-2141 | |
| http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9e146d8eb3b9ecae5086d373b50fa0c1f3e7f0f | |
| */ | |
| void * kernel_stack_address = NULL; |
Fuzion24
/ AddJavascript.md
Created
November 14, 2014 05:20
I/chromium( 6890): [INFO:CONSOLE(37)] "AddJavascriptInterface: top[Android]: com.WebAppInterface@3847a08c -
error: Access to java.lang.Object.getClass is blocked", source: http://[REDACTED].com/ (37)
For applications targeting Android >= 5.0, you can enumerate the methods available from inside javascript. "Enumeration of methods will be enabled for applications targeting API levels newer than KitKat (to preserve compatibility with older apps)."
Fuzion24
/ Patching-CVE-2015-1474.md
Last active
September 25, 2015 01:21
Patching CVE-2015-1474 -- Remotely exploitable graphics buffer overflow on my Nexus device (N5 5.0.1)
This is a brief guide on how I patched the CVE-2015-1474 for my Nexus 5 - 5.0.1. This involes downloading and building AOSP with the patch for the vuln applied. I have attached a pre-built patched version of libui.so for the Nexus5 5.0.1 in the case you are too lazy to build it yourself (and you trust me).
repo init -u https://android.googlesource.com/platform/manifest -b android-5.0.1_r1
repo sync -j16
cd frameworks/native
# https://android.googlesource.com/platform/frameworks/native/+/38803268570f90e97452cd9a30ac831661829091%5E%21/#F0
git cherry-pick 2bc5e811a817a8c667bca4318ae98582b0ee6dc6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| a |
Fuzion24
/ all_tz_functions.md
Created
September 16, 2015 14:30
LOAD:FE82CDA8 DCD aTzbsp_pil_init ; "tzbsp_pil_init_image_ns"
LOAD:FE82CDAC DCD 0x3D
LOAD:FE82CDB0 DCD tzbsp_pil_init_image_ns+1
LOAD:FE82CDB4 DCD 2
LOAD:FE82CDB8 DCD 4
LOAD:FE82CDBC DCD 4
LOAD:FE82CDC0 DCD 0x805
LOAD:FE82CDC4 DCD aTzbsp_pil_auth ; "tzbsp_pil_auth_reset_ns"
LOAD:FE82CDC8 DCD 0x3D
OlderNewer