rageagainstthecage-arm5.bin - Trojan?

By guruleenyc, Senior Member on 28th November 2010, 01:50 AM
My Kaspersky is detecting a trojan in this rooting file:

Exploit.Linux.Lotoor.g

See attached screen-shot;

Let me know if this is in fact a false positive...?
28th November 2010, 01:59 AM |#2  
shabbypenguin, Recognized Developer
RATC.bin is the exploit used to root your phone...
28th November 2010, 02:10 AM |#3  
Geniusdog254, Retired Recognized Developer, St. Louis
It's a false positive. Promise.
28th November 2010, 03:42 AM |#4  
Senior Member
Quote:
Originally Posted by Geniusdog254

It's a false positive. Promise.

It's not a false positive, the exploit that we use works just like any trojan - it provides back-door access to the system. We're just using a virus to crack open the system long enough to install a more permanent access to root.

That's right, viruses aren't necessarily bad - it just depends on how they're used
The Following User Says Thank You to styles420 For This Useful Post
28th November 2010, 03:55 AM |#5  
Kcarpenter, Senior Member, Clinton, TN
It is indeed a real virus, but it won't do much to your windows system other than piss off your av software... Could jump to linux and not worry about viruses...at least very few. Yes they exist, but rarely affecting a personal computer.
28th November 2010, 04:22 AM |#6  
Retired Recognized Developer, Midland
yeah true true. virus by definition yes. but technically anything can be defined as a "virus" by allowing access to "alter" the original programming to allow access to functions other than what the manufacturer intended. don't worry. most antiviruses find a virus in anything. a key generator shows up as a virus. don't worry. you're safe.
28th November 2010, 05:00 AM |#7  
Senior Member
Quote:
Originally Posted by Kcarpenter

It is indeed a real virus, but it won't do much to your windows system other than piss off your av software... Could jump to linux and not worry about viruses...at least very few. Yes they exist, but rarely affecting a personal computer.

What you wrote makes no sense, the reason the anti-virus detects it as a trojan is because it includes exploit code to obtain root in LINUX. It won't do anything to a windows box but it can completely own a vulnerable linux box. So telling someone they would need to switch to linux in order to avoid this exploit is ridiculous.
Last edited by richse; 28th November 2010 at 05:03 AM.
28th November 2010, 05:05 AM |#8  
shabbypenguin, Recognized Developer
correct it obtains root, but do you understand how? the whole reason it works is by exploiting adb so unless you happen to have the phone version of adb included in your linux build i would think this is pretty harmless
28th November 2010, 05:08 AM |#9  
Senior Member
Quote:
Originally Posted by shabbypenguin

correct it obtains root, but do you understand how? the whole reason it works is by exploiting adb so unless you happen to have the phone version of adb included in your linux build i would think this is pretty harmless

YES, but the reason I responded to that last post was because he was telling someone to switch from windows to linux in order to avoid a linux exploit. There are plenty of valid reasons to switch, but that would have to be the stupidest one I have ever seen put forth.
28th November 2010, 06:10 AM |#10  
Senior Member
Quote:
Originally Posted by shabbypenguin

correct it obtains root, but do you understand how? the whole reason it works is by exploiting adb so unless you happen to have the phone version of adb included in your linux build i would think this is pretty harmless

The exploitation of adb is used to get the RATM file on the phone... then RATM uses an exploit in the linux kernel to gain root access. I'm pretty sure RATM isn't using adb to do its magic. What I don't know, is if it is exploiting a part of the kernel that is android specific, or a part that is in every linux kernel