Very good points, DB! On the subject of abuse, one thing I don't want to happen is this method being used for remote attacks. My intent is for mtk-su to be used only locally on one's own device. I don't know if the finished executable is suitable for a remote attack when coupled with another exploit. But one thing that recent binder vulnerability was notable for is having been used with another browser(?) exploit for malicious remote execution. This MTK weakness is more serious, btw.
@DrZener, you're right about the hard work that's been put into it. The amount of code may be fairly small, but the vast majority of work/time/stress was spent on research, not coding. I would think the main benefit of disclosing a security vulnerability would be for it to get patched as soon as possible. But on the other hand, that is also a drawback because it counters my goal of people applying it to their own (locked down) devices. I guess I won't be releasing the source for at least a good while.
So I take it you're trying to build a kernel parser on top of that Binder exploit. If you have other questions, I might be able to help you out...