FORUMS

What Do You Think About Fingerprint Scanners?

More and more phones are featuring fingerprint scanners, and with many promising … more

What’s Next for Samsung and Its Flagships?

If we were to say that the Galaxy S6 was a leap of faith made by Samsung, we … more

The Ultimate Showcase of dBrand Skins

In the search for ways to protect, accessorize, and personalize; a user has many options. One … more

Huawei’s Rapid Rise to Third Place in the Smartphone Race

Huawei has quickly grown to become one of the world’s biggest … more

rageagainstthecage-arm5.bin - Trojan?

293 posts
Thanks Meter: 10
 
By guruleenyc, Senior Member on 28th November 2010, 01:50 AM
Thread Closed Subscribe to Thread Email Thread
My Kaspersky is detecting a trojan in this rooting file:

Exploit.Linux.Lotoor.g

See attached screen-shot;

Let me know if this is in fact a false positive...?
Attached Thumbnails
Click image for larger version

Name:	11-27-2010 8-45-52 PM.png
Views:	805
Size:	43.1 KB
ID:	451191  
 
 
28th November 2010, 01:59 AM |#2  
shabbypenguin's Avatar
Recognized Developer
Thanks Meter: 5,347
 
Donate to Me
More
RATC.bin is teh exploit used to root your phone...
28th November 2010, 02:10 AM |#3  
Geniusdog254's Avatar
Retired Recognized Developer
Flag St. Louis
Thanks Meter: 167
 
Donate to Me
More
It's a false positive. Promise.
28th November 2010, 03:42 AM |#4  
Senior Member
Thanks Meter: 1,253
 
More
Quote:
Originally Posted by Geniusdog254

It's a false positive. Promise.

It's not a false positive, the exploit that we use works just like any trojan - it provides back-door access to the system. We're just using a virus to crack open the system long enough to install a more permanent access to root.

That's right, viruses aren't necessarily bad - it just depends on how they're used
The Following User Says Thank You to styles420 For This Useful Post: [ View ]
28th November 2010, 03:55 AM |#5  
Kcarpenter's Avatar
Senior Member
Flag Clinton, TN
Thanks Meter: 146
 
More
It is in deed a real virus, but it won't do much to your windows system other than piss off your av software... Could jump to linux and not worry about viruses...at least very few. Yes they exist, but rarely affecting a personal computer.

Sent from my SPH-D700 using XDA App
28th November 2010, 04:22 AM |#6  
Retired Recognized Developer
Flag Midland
Thanks Meter: 69
 
Donate to Me
More
yeah true true. virus by deffinition yes. but technically anything can be defined as a "virus" by allowing access to "alter" the original programming to allow access to functions other than what the manufacturer intended. dont worry. most antivirus's find a virus in anything. a key generator shows up as a virus. dont worry. your safe.
28th November 2010, 05:00 AM |#7  
Senior Member
Thanks Meter: 26
 
More
Quote:
Originally Posted by Kcarpenter

It is in deed a real virus, but it won't do much to your windows system other than piss off your av software... Could jump to linux and not worry about viruses...at least very few. Yes they exist, but rarely affecting a personal computer.

Sent from my SPH-D700 using XDA App

What you wrote makes no sense, the reason the anti-virus detects it as a trojan is because it includes exploit code to obtain root in LINUX. It won't do anything to a windows box but it can completely own a vulnerable linux box. So telling someone they would need to switch to linux in order to avoid this exploit is ridiculous.
Last edited by richse; 28th November 2010 at 05:03 AM.
28th November 2010, 05:05 AM |#8  
shabbypenguin's Avatar
Recognized Developer
Thanks Meter: 5,347
 
Donate to Me
More
correct it obtains root, but do you understand how? the whole reason it works is by exploiting adb so unless you happen to have the phone version of adb included in your linux build i would think this is pretty harmless
28th November 2010, 05:08 AM |#9  
Senior Member
Thanks Meter: 26
 
More
Quote:
Originally Posted by shabbypenguin

correct it obtains root, but do you understand how? the whole reason it works is by exploiting adb so unless you happen to have the phone version of adb included in your linux build i would think this is pretty harmless

YES, but the reason I responded to that last post was because he was telling someone to switch from windows to linux in order to avoid a linux exploit. There are plenty of valid reasons to switch, but that would have to be the stupidest one I have ever seen put forth.
28th November 2010, 06:10 AM |#10  
Senior Member
Thanks Meter: 1,253
 
More
Quote:
Originally Posted by shabbypenguin

correct it obtains root, but do you understand how? the whole reason it works is by exploiting adb so unless you happen to have the phone version of adb included in your linux build i would think this is pretty harmless

The exploitation of adb is used to get the RATM file on the phone... then RATM uses an exploit in the linux kernel to gain root access. I'm pretty sure RATM isn't using adb to do its magic. What I don't know, is if it is exploiting a part of the kernel that is android specific, or a part that is in every linux kernel
28th November 2010, 06:26 AM |#11  
Retired Recognized Developer
Flag Pasadena, CA
Thanks Meter: 564
 
Donate to Me
More
Quote:
Originally Posted by shabbypenguin

correct it obtains root, but do you understand how? the whole reason it works is by exploiting adb so unless you happen to have the phone version of adb included in your linux build i would think this is pretty harmless

shabbypenguin is right guys... you can't hack regular linux with this... so don't worry about it, and move on...

just be sure to reactivate your antivirus after using it.

Read More
Thread Closed Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes