XDA Developers Android and Mobile Development Forum

[ROOT EXPLOIT+PATCH][2012.12.19] ExynosAbuse APK v1.40

Chainfire
(Last edited by Chainfire; 19th December 2012 at 10:25 PM.)
#1

This is an APK that uses the ExynosAbuse exploit (by alephzain) to be able to do various things on your Exynos4 based device.

Features for non-rooters:
- Securely patch the exploit

Features for rooters:
- Root the device (SuperSU v0.99)
- Enable/disable the exploit at will
- Enable/disable patching the exploit at boot
- Unroot and cleanup (optionally leaving the exploit patch at boot in place)

Please note that patching the exploit may break camera functionality, depending on device and firmware. Also note that if you use the patch method without rooting, or keep patching the exploit at boot enabled when unrooting, you need an alternate method to re-root the device to disable this feature (like CF-Auto-Root) - you cannot use ExynosAbuse to do this since it patched the exploit. Unlike other patch authors, I do not believe in keeping an invisible rooted process running in the background while pretending you aren't rooted, to be able to unpatch this way.

While the exploit patches work (aside from possibly disabling your camera), these are more work-around than actual fixes. A proper patch would be a kernel fix, either from a third party or Samsung themselves (hopefully one day...)

My method vs Supercurio, RyanZA
Mine is the only one that is secure. Both Supercurio's and RyanZA's method leave you with easily exploitable holes any serious malware author will abuse. More details http://forum.xda-developers.com/show....php?t=2053824

Exploit
For more details on the exploit itself, see this thread: http://forum.xda-developers.com/show....php?t=2048511. The exploit is used by this APK in unmodified form. You should be very afraid of this exploit - any app can use it to gain root without asking and without any permissions on a vulnerable device. Let's hope for some fixes ASAP!

Camera
Whether your camera keeps working depends on your device/firmware combination. Affected are mostly the SGS3, but there is good news too, there is a potential fix here: http://forum.xda-developers.com/show....php?t=2052675 SGS3 I9300 ONLY. It seems to work for a number of people. It replaces some system libraries with libraries from a different firmware version that does not rely on /dev/exynos-mem. Do not attempt this unless your camera actually breaks due to the exploit, and beware it may cause you to have to reflash your firmware. Also beware that even though this change will not prevent OTAs from downloading, it can possibly prevent OTAs from flashing successfully.

Device status
Using this patch may turn your device status into modified. There's not really a proper solution to that at the moment, but you can restore status by removing the patch (and SuperSU) again and rebooting your phone. This will however leave you unprotected again. Doing all sorts of weird stuff (like for example wiping data) to get rid of this modified status while you still have the patch applied at boot or keep SuperSU around is an exercise in futility. If you want to go ahead and do that, that is fine, but do not litter my thread with your comments. Because eventually, the modified status is likely to return.

Compatibility:
(If your device isn't listed it could still be both compatible with the exploit as well as this fix!)

Samsung Galaxy S2 GT-I9100

Samsung Galaxy S3 GT-I9300
Samsung Galaxy S3 LTE GT-I9305

Samsung Galaxy Note GT-N7000

Samsung Galaxy Note 2 GT-N7100
Samsung Galaxy Note 2 LTE GT-N7105
AT&T Galaxy Note 2 SGH-I317
Verizon Galaxy Note 2 SCH-I605 (both locked and unlocked bootloaders work)

Samsung Galaxy Camera EK-GC100

Samsung Galaxy Tab Plus GT-P6210

Samsung Galaxy Note 10.1 GT-N8000, GT-N8010, GT-N8013, GT-N8020

Google Nexus 10 (not compatible, Exynos5)

Post in this thread if you have a device to add.

Notes
I'm not sure if this APK will work right on Android 2.x devices (not tested yet); that doesn't mean the exploit doesn't work. So if you're on Android 2.x and this APK doesn't work for you, try doing the exploit manually.

Download

Please do not redistribute, link to this thread instead

v1.40 hashes:
MD5: be4a373ff2848a16bfb948d7e1d1f7d2
SHA1: 79670ab10da59ea58df222e94ad9e8ed83c791a9

(v1.00: 3786; v1.10: 6397; v1.20: 12004; v1.30: 14480)
Attached Files
File Type: apk ExynosAbuse-v1.40.apk (1.16 MB, 994062 views)
BLOG - G+(Chainfire) - G+(Personal) - TWITTER - IRC - DONATE

A proper quote includes only the relevant paragraphs, and a proper post never ends with the word "why"

Android
HTC G1, Hero, One
LG G Pad 8.3, G Watch, G3
Moto E
Samsung i5800, i9000*2, P1000*2, P7100, i9100*2, N7000, P6800, i9300, N7100, i9505, N9005, G900F
Sony T LT30p, Z C6603
Nexus Galaxy*2, N7*2, N10, N7-2013, N7-2013-3G, N5

SuperSU, Mobile ODIN, TriangleAway, DSLR Controller, CF-Root, 500 Firepaper, OpenDelta, USB Host Diagnostics, ExynosAbuseAPK, Live dmesg+logcat, NoMoarPowah!, CF-Bench, Chainfire3D, CF.lumen, SGS2 SIM Unlocker, GingerBreakAPK, SuperPower, and more!

Windows Mobile 5/6
E-Mobile EM-ONE
HTC Wizard*2, Kaiser, Touch, Diamond, Pro, HD*2, Diamond 2, Pro 2*2, HD2*2
Samsung i780, i900*2, i8000*2, b7300, b7320, b7330, b7620*2, b6520

WMWifiRouter, KaiserTweak, FPUEnabler, WMLongLife, WMRegOptimizer, CFC+GUI, TF3D+v2 ports, Kaiser+Omnia2+Snapdragon 3D drivers, GfxBoost, and more!

Windows Phone 7
LG GW910

NOTICE: I do not respond to tech support questions through PM.
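
An added example, not part of the original post or of the APK: a shell check of whether the /dev/exynos-mem node mentioned in the post is accessible to all users, which is the exposure described in the linked exploit thread. The function names and the absent/exposed/restricted labels are this example's own, and it assumes a POSIX shell with `ls` on the device.

```shell
#!/bin/sh
# Added example (not from the thread): report whether a device node is
# accessible to every user. Function names and result labels are
# illustrative; /dev/exynos-mem is the node named in the post.

NODE_DEFAULT=/dev/exynos-mem

# classify_mode MODE -> "exposed" if the "other" read or write bit is set.
# MODE is the first column of `ls -l`, e.g. crw-rw-rw- or crw-------.
classify_mode() {
    case $1 in
        ???????r*|????????w*) echo exposed ;;   # char 8 = other-r, char 9 = other-w
        *)                    echo restricted ;;
    esac
}

# check_node [PATH] -> "absent", "exposed" or "restricted".
check_node() {
    node=${1:-$NODE_DEFAULT}
    if [ ! -e "$node" ]; then
        echo absent
        return 0
    fi
    # Split the ls line on whitespace; the first field is the mode string.
    set -- $(ls -ld "$node")
    classify_mode "$1"
}

# report [PATH] -> one-line summary; exit status 1 only when exposed,
# so the check can gate a boot-time or fleet audit script.
report() {
    node=${1:-$NODE_DEFAULT}
    state=$(check_node "$node")
    echo "$node: $state"
    [ "$state" != exposed ]
}

report || echo "world-accessible node: apply a patch or a fixed kernel"
```

"restricted" only means the bits for other users are clear; the owner and group of the node still decide which processes can open it.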

Chainfire
(Last edited by Chainfire; 19th December 2012 at 02:18 PM.)
#2
Changelogs

2012.12.19 - v1.40
- Added check for updates functionality
- Added "current status" display
- Split into sections for non-rooters and rooters
- Added "One-click secure exploit patch" for those who just want to patch their device and forget about it
- Added ability to unroot and clean up the leftovers (optionally leaving the patch code in place)

2012.12.18 - v1.30
- Adjusted many things in the shell code, the app will now properly detect an installed SuperSU/Superuser with the wrong permissions as NOT having root
- Added a startup notification telling you your device/firmware is not susceptible to this exploit, if it isn't

2012.12.17 - v1.20
- Gingerbread-related fixes - note that not all Gingerbread firmwares of affected devices are vulnerable (for example, I know several SGS2 GB firmwares are not exploitable)
- Added some spam (view my apps on Play, follow me on Twitter, that sort of BS)
- Added icon

2012.12.16 - v1.10
- Added ability to disable and re-enable the exploit (which may break camera)
- Added ability to disable exploit at boot (before any Play-installed app runs, other solutions run later which means they are still vulnerable)
- Both above features require being rooted

2012.12.16 - v1.00
- Initial release

Chainfire
#3
--- reserved as well ---

JimmyHACK
#4
Nice, fast work. Thanks.
 
oddlyshapedstickman
#5
Wow that was quick. Good work Chainfire!
 
KidCarter93
#6
Confirmed working on Samsung Galaxy S2 GT-I9100

Sent from my GT-I9100 using xda premium
I'm subscribed to too many threads so I may not notice your reply. To make sure I do, quote my post or add "@KidCarter93" to your reply.
[ m7 | 1.54.401.5 | S-OFF ]
Can't find your answer or not sure where to post? Ask in the XDA Assist Forum
Forum Rules | XDA New User Guide | Getting Moderator Help

"There are 10 types of people in the world - those who understand hexadecimal and F the rest."
Follow me on Twitter - @XDAKidCarter93
 
Krowbarr
#7
Will this root the Sprint/Boost mobile version of the Galaxy S2? Thank you in advance.

imnuts
#8
Confirmed working on the Verizon Galaxy Note 2 (SCH-I605)
Setup a Development Environment
Setup and Use the Android SDK
Stock Odin Restore files

You can find the answer to all of your questions right here. If that doesn't work, then try this or this

Chainfire
#9
Quote:
Originally Posted by imnuts
Confirmed working on the Verizon Galaxy Note 2 (SCH-I605)

Locked or unlocked bootloader?

imnuts
#10
Quote:
Originally Posted by Chainfire
Locked or unlocked bootloader?

Still locked and fully stock.