CyberNews404 - A Twitter user who goes by the name "Elliot Alderson" (the name of the main character of the Mr. Robot TV series) has found a backdoor (an exploit) on all OnePlus devices running OxygenOS that allows anyone to gain root access to the device.
The application in question is "EngineerMode," a diagnostic testing application built by Qualcomm for device manufacturers to easily test all hardware components of the device.
"The escalatedUp method is calling Privilege.escalate(password) and if the result is true, it sets the system property persist.sys.adbroot and oem.selinux.reload_policy to 1" pic.twitter.com/92LeBfDPAv — Elliot Alderson (@fs0c131y) November 13, 2017
This APK comes pre-installed (accidentally left behind) on most OnePlus devices, including OnePlus 2, 3, 3T and the newly launched OnePlus 5.
You can check whether this app is installed on your OnePlus device. To do so, go to Settings, open Apps, enable "show system apps" from the menu in the top right corner (three dots) and look for EngineerMode.APK in the list.
If it is there, anyone with physical access to your device can use EngineerMode to gain root access to it.
EngineerMode was designed to diagnose problems with GPS, check the root status of the device, perform automated 'production line' tests, and more.
After decompiling the EngineerMode APK, Twitter user "Elliot Alderson" found the 'DiagEnabled' activity, which, if opened with a specific password (it is "Angela", found after reverse engineering), allows the user to gain full root access on the smartphone, even without unlocking the bootloader.
Although the chance that this application has already been exploited in the wild may be low, it appears to be a serious security problem for OnePlus users because anyone can obtain root access using simple commands.
"The best thing in this story is the password. It's angela (see the reference?). This backdoor is here intentionally. When the fiction becomes a reality. Good luck @getpeid, you will need a very good explanation." — Elliot Alderson (@fs0c131y) November 14, 2017
cc @whoismrrobot pic.twitter.com/IJgsu6hCEc
In addition, with root access in hand, attackers can perform many malicious tasks on the victim's device, including installing stealthy malware that is difficult to detect or remove.
Meanwhile, to protect themselves, OnePlus owners can just disable root on their phones. To do this, run the following commands in the ADB shell: "setprop persist.sys.adb.engineermode 0" and "setprop persist.sys.adbroot 0", or dial the code *#8011#.
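As an added example (not part of the original article), the check below reads a device's system package list and properties and reports whether EngineerMode is present and whether the root properties named above are set. The substring match on "engineer", the status names and the sample data are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original article): report whether a device shows
# the EngineerMode exposure, using the property names quoted in the article.
# Assumption: the package is matched by the substring "engineer", because the
# article gives only the APK name, not the package id.

# prop_value GETPROP_DUMP NAME: print NAME's value from "[name]: [value]" lines.
prop_value() {
    printf '%s\n' "$1" | tr -d '\r' |
        awk -v key="[$2]:" '$1 == key { gsub(/^\[|\]$/, "", $2); print $2 }'
}

# assess PKG_LIST GETPROP_DUMP: print not-present, present or root-enabled.
assess() {
    if ! printf '%s\n' "$1" | grep -qi 'engineer'; then
        echo "not-present"; return 0
    fi
    for p in persist.sys.adbroot persist.sys.adb.engineermode; do
        if [ "$(prop_value "$2" "$p")" = "1" ]; then
            echo "root-enabled"; return 0
        fi
    done
    echo "present"
}

# Constructed sample input in the format of `pm list packages -s` and `getprop`.
SAMPLE_PKGS='package:com.android.settings
package:com.example.engineermode'
SAMPLE_PROPS='[persist.sys.adbroot]: [1]
[oem.selinux.reload_policy]: [1]
[ro.debuggable]: [0]'

if [ "${1:-}" = "--live" ]; then
    # Read the same two listings from the attached device over adb.
    pkgs=$(adb shell pm list packages -s)
    props=$(adb shell getprop)
else
    pkgs=$SAMPLE_PKGS
    props=$SAMPLE_PROPS
fi
echo "EngineerMode status: $(assess "$pkgs" "$props")"
```

A status of root-enabled means the two setprop commands above still need to be run on that device.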
In response to this problem, OnePlus founder Carl Pei said that the company is investigating the matter.
"I will publish an application on the PlayStore to root your @OnePlus device in the next hours" — Elliot Alderson (@fs0c131y) November 13, 2017