Amazing Temp Root for MediaTek ARMv8

By diplomatic, Senior Member on 17th April 2019, 12:51 PM
7th October 2019, 01:23 PM |#531  
Senior Member
Quote:
Originally Posted by Supermatt01

@diplomatic, have you seen the zero day exploitation? Do you think it may be used for gaining full root access without malignancies?

Quote:
Originally Posted by diplomatic

I've read a little bit about it. The full exploit isn't published yet, I don't think. But what do you mean by malignancies? It does sound like it can get full root.

Are you talking about this?

"the zero day exploitation" isn't really a good description.

I was gonna check it out as well, there is a poc available with a write-what-where primitive.
You could probably easily make an mtk-su fork that replaces the mtk-primitive with this one
The Following User Says Thank You to k4y0z For This Useful Post
7th October 2019, 05:20 PM |#532  
Junior Member
Re: Root via mtk-su/magisk
My smart-brick (tcl a502dl & 8.1) does not allow "enable background" app option for either MM or init.d support (some other apps still do). So I disabled Battery Optimization for MM & Init.d support & enabled app Notify for both. As for MM I added Autoresponse Grant.
Now after boot the whole shebang is no-go but an init-supp "run scripts now" starts it OK - every time after so many restarts that my smart-brick belongs on my fireplace.
Also I "think" that booting with the USB cable connected to PC is naughty -- I knew you guys hated Windows but sheesh...

Thank you very much.

Rich
8th October 2019, 02:07 AM |#533  
Senior Member
Flag Surabaya
Quote:
Originally Posted by diplomatic

I've read a little bit about it. The full exploit isn't published yet, I don't think. But what do you mean by malignancies? It does sound like it can get full root.

I mean that the reason it is being patched up is because it's claimed that people are using it for injection of malware. I would hope to use it to our advantage without malware.

---------- Post added at 02:07 AM ---------- Previous post was at 02:02 AM ----------

Quote:
Originally Posted by k4y0z

Are you talking about this?

"the zero day exploitation" isn't really a good description.

I was gonna check it out as well, there is a poc available with a write-what-where primitive.
You could probably easily make an mtk-su fork that replaces the mtk-primitive with this one

Yes, that one. It says that OPPO devices may be vulnerable to the exploit. If it is a kernel issue, maybe it will work on Snapdragon and MTK devices.
8th October 2019, 03:52 PM |#534  
OP Senior Member
Quote:
Originally Posted by k4y0z

Are you talking about this?

"the zero day exploitation" isn't really a good description.

I was gonna check it out as well, there is a poc available with a write-what-where primitive.
You could probably easily make an mtk-su fork that replaces the mtk-primitive with this one

Yeah, I looked at the code and the memory r/w routines could be fairly interchangeable because this is in the same league as mtk-su. (Are you gunning for temp root on the Fire TV 4K stick?) But seriously, can you check if Amazon's/MTK kernel has been patched for this? It may only apply to Oreo+ devices though, from what I read.

Quote:
Originally Posted by rc1421x

My smart-brick (tcl a502dl & 8.1) does not allow "enable background" app option for either MM or init.d support (some other apps still do). So I disabled Battery Optimization for MM & Init.d support & enabled app Notify for both. As for MM I added Autoresponse Grant.
Now after boot the whole shebang is no-go but an init-supp "run scripts now" starts it OK - every time after so many restarts that my smart-brick belongs on my fireplace.
Also I "think" that booting with the USB cable connected to PC is naughty -- I knew you guys hated Windows but sheesh...

I don't get what you're saying here. So it did work with automatic Grant, or not? (And what is booting with USB cable connected?)

Quote:
Originally Posted by Supermatt01

I mean that the reason it is being patched up is because it's claimed that people are using it for injection of malware. I would hope to use it to our advantage without malware.

Yes, that one. It says that OPPO devices may be vulnerable to the exploit. If it is a kernel issue, maybe it will work on Snapdragon and MTK devices.

There's no such thing as full root without the possibility of malicious actions. I guess that's what you mean by malignancies. A vulnerability that lets you get root access is of the highest severity. That means it's at the highest priority of getting patched. Doesn't matter what it's already being used for...
The Following User Says Thank You to diplomatic For This Useful Post
8th October 2019, 10:24 PM |#535  
Senior Member
Quote:
Originally Posted by diplomatic

Yeah, I looked at the code and the memory r/w routines could be fairly interchangeable because this is in the same league as mtk-su. (Are you gunning for temp root on the Fire TV 4K stick?) But seriously, can you check if Amazon's/MTK kernel has been patched for this? It may only apply to Oreo+ devices though, from what I read.

Temp root for the 4K would have been nice, yes
Couldn't get it to work though on the 4K, seems like the poc would need adjustments for 32-bit anyway.
But couldn't even get the crash to work.
The Following 2 Users Say Thank You to k4y0z For This Useful Post
9th October 2019, 08:54 AM |#536  
hassan.seoul
Junior Member
Flag Khanewal
Quote:
Originally Posted by diplomatic

Wow, for real? Have you or someone tested it? What was the error?

Sir root shell is working fine on termux but suboot is not working.

Device = Oppo F11 (CPH1911)

@Supermatt01 was saying that suboot works fine on his device. He has not yet updated to latest security patch.
The Following User Says Thank You to hassan.seoul For This Useful Post
9th October 2019, 01:07 PM |#537  
OP Senior Member
Quote:
Originally Posted by hassan.seoul

Sir root shell is working fine on termux but suboot is not working.

Device = Oppo F11 (CPH1911)

@Supermatt01 was saying that suboot works fine on his device. He has not yet updated to latest security patch.

Try this script. I think it will work better.
Attached Files
suboot_oppo20190827a.zip (3.3 KB)
The Following User Says Thank You to diplomatic For This Useful Post
9th October 2019, 02:00 PM |#538  
hassan.seoul
Junior Member
Flag Khanewal
Quote:
Originally Posted by diplomatic

Try this script. I think it will work better.

Thanks a lot Sir, it worked perfectly. You should move the oppo workaround to the OP.
The Following User Says Thank You to hassan.seoul For This Useful Post
9th October 2019, 03:02 PM |#539  
OP Senior Member
@hassan.seoul: Cool.... Let me know if you get any warnings from the OS about root access, and which system app is showing them.
The Following User Says Thank You to diplomatic For This Useful Post
9th October 2019, 03:21 PM |#540  
hassan.seoul
Junior Member
Flag Khanewal
Quote:
Originally Posted by diplomatic

@hassan.seoul: Cool.... Let me know if you get any warnings from the OS about root access, and which system app is showing them.

No, I didn't get any kinda warning or caution. All is working fine till now. I'll let you know if anything wrong happens!
Thanks again!
10th October 2019, 11:17 AM |#541  
Senior Member
Has anyone tried on OPPO F9 (CHP1823) yet?
Please let me know, I really want to root my device even temporarily.

Tags
mediatek, mt67xx, root
