• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[ROOT EXPLOIT+PATCH][2012.12.19] ExynosAbuse APK v1.40

Search This thread

Chainfire

Moderator Emeritus / Senior Recognized Developer
Oct 2, 2007
11,442
87,712
www.chainfire.eu
This is an APK that uses the ExynosAbuse exploit (by alephzain) to be able to do various things on your Exynos4 based device.

Features for non-rooters:
- Securely patch the exploit

Features for rooters:
- Root the device (SuperSU v0.99)
- Enable/disable the exploit at will
- Enable/disable patching the exploit at boot
- Unroot and cleanup (optionally leaving the exploit patch at boot in place)

Please note that patching the exploit may break camera functionality, depending on device and firmware. Also note that if use the patch method without rooting, or keep patching the exploit at boot enabled when unrooting, you need an alternate method to re-root the device to disable this feature (like CF-Auto-Root) - you cannot use ExynosAbuse to do this since it patched the exploit. Unlike other patch authors, I do not believe in keeping an invisible rooted process running in the background while pretending you aren't rooted, to be able to unpatch this way.

While the exploit patches work (aside from possibly disabling your camera), these are more work-around than actual fixes. A proper patch would be a kernel fix, either from a third party or Samsung themselves (hopefully one day...)

My method vs Supercurio, RyanZA
Mine is the only one that is secure. Both Supercurio's and RyanZA's method leave you with easily exploitable holes any serious malware author will abuse. More details http://forum.xda-developers.com/showthread.php?t=2053824

Exploit
For more details on the exploit itself, see this thread: http://forum.xda-developers.com/showthread.php?t=2048511. The exploit is used by this APK in unmodified form. You should be very afraid of this exploit - any app can use it to gain root without asking and without any permissions on a vulnerable device. Let's hope for some fixes ASAP !

Camera
If your camera keeps working depends on your device/firmware combination. Affected are mostly the SGS3, but there is good news too, there is a potential fix here: http://forum.xda-developers.com/showthread.php?t=2052675 SGS3 I9300 ONLY. It seems to work for a number of people. It replaces some system libraries with libraries from a different firmware version that does not rely on /dev/exynos-mem. Do not attempt this unless your camera actually breaks due to the exploit, and beware it may cause you to have to reflash your firmware. Also beware that even though this change will not prevent OTAs from downloading, it can possibly prevent OTAs from flashing succesfully.

Device status
Using this patch may turn your device status into modified. There's not really a proper solution to that at the moment, but you can restore status by removing the patch (and SuperSU) again and rebooting your phone. This will however leave you unprotected again. Doing all sorts of weird stuff (like for example wiping data) to get rid of this modified status while you're still have the patch applied at boot or keep SuperSU around, is an exercise in futility. If you want to go ahead and do that, that is fine, but do not litter my thread with your comments. Because eventually, the modified status is likely to return :)

Compatibility:
(If your device isn't listed it could still be both compatible with the exploit as well as this fix !)

Samsung Galaxy S2 GT-I9100

Samsung Galaxy S3 GT-I9300
Samsung Galaxy S3 LTE GT-I9305

Samsung Galaxy Note GT-N7000

Samsung Galaxy Note 2 GT-N7100
Samsung Galaxy Note 2 LTE GT-N7105
AT&T Galaxy Note 2 SGH-I317
Verizon Galaxy Note 2 SCH-I605 both locked and unlocked bootloaders work

Samsung Galaxy Camera EK-GC100

Samsung Galaxy Tab Plus GT-P6210

Samsung Galaxy Note 10.1 GT-N8000, GT-N8010, GT-N8013, GT-N8020

Google Nexus 10 not compatible, Exynos5

Post in this thread if you have a device to add.

Notes
I'm not sure if this APK will work right on Android 2.x devices (not tested yet), doesn't mean the exploit doesn't work. So if you're on Android 2.x and this APK doesn't work for you, try doing the exploit manually.

Download

Please do not redistribute, link to this thread instead

v1.40 hashes:
MD5: be4a373ff2848a16bfb948d7e1d1f7d2
SHA1: 79670ab10da59ea58df222e94ad9e8ed83c791a9

(v1.00: 3786; v1.10: 6397; v1.20: 12004; v1.30: 14480)
 

Attachments

  • ExynosAbuse-v1.40.apk
    1.2 MB · Views: 1,831,720
Last edited:

Chainfire

Moderator Emeritus / Senior Recognized Developer
Oct 2, 2007
11,442
87,712
www.chainfire.eu
Changelogs

2012.12.19 - v1.40
- Added check for updates functionality
- Added "current status" display
- Split into sections for non-rooters and rooters
- Added "One-click secure exploit patch" for those who just want to patch their device and forget about
- Added ability to unroot and clean up the leftovers (optionally leaving the patch code in place)

2012.12.18 - v1.30
- Adjusted many things in the shell code, the app will now properly detect an install SuperSU/Superuser with the wrong permissions as NOT having root
- Added a startup notification telling you your device/firmware is not susceptible to this exploit, if it isn't

2012.12.17 - v1.20
- Gingerbread-related fixes - note that not all Gingerbread firmwares of affected devices are vulnerable (for example, I know several SGS2 GB firmwares are not exploitable)
- Added some spam (view my apps on Play, follow me on Twitter, that sort of BS)
- Added icon

2012.12.16 - v1.10
- Added ability to disable and re-enable the exploit (which may break camera)
- Added ability to disable exploit at boot (before any Play-installed app runs, other solutions run later which means they are still vulnerable)
- Both above features require being rooted

2012.12.16 - v1.00
- Initial release
 
Last edited:

Top Liked Posts

  • There are no posts matching your filters.
  • 835
    This is an APK that uses the ExynosAbuse exploit (by alephzain) to be able to do various things on your Exynos4 based device.

    Features for non-rooters:
    - Securely patch the exploit

    Features for rooters:
    - Root the device (SuperSU v0.99)
    - Enable/disable the exploit at will
    - Enable/disable patching the exploit at boot
    - Unroot and cleanup (optionally leaving the exploit patch at boot in place)

    Please note that patching the exploit may break camera functionality, depending on device and firmware. Also note that if use the patch method without rooting, or keep patching the exploit at boot enabled when unrooting, you need an alternate method to re-root the device to disable this feature (like CF-Auto-Root) - you cannot use ExynosAbuse to do this since it patched the exploit. Unlike other patch authors, I do not believe in keeping an invisible rooted process running in the background while pretending you aren't rooted, to be able to unpatch this way.

    While the exploit patches work (aside from possibly disabling your camera), these are more work-around than actual fixes. A proper patch would be a kernel fix, either from a third party or Samsung themselves (hopefully one day...)

    My method vs Supercurio, RyanZA
    Mine is the only one that is secure. Both Supercurio's and RyanZA's method leave you with easily exploitable holes any serious malware author will abuse. More details http://forum.xda-developers.com/showthread.php?t=2053824

    Exploit
    For more details on the exploit itself, see this thread: http://forum.xda-developers.com/showthread.php?t=2048511. The exploit is used by this APK in unmodified form. You should be very afraid of this exploit - any app can use it to gain root without asking and without any permissions on a vulnerable device. Let's hope for some fixes ASAP !

    Camera
    If your camera keeps working depends on your device/firmware combination. Affected are mostly the SGS3, but there is good news too, there is a potential fix here: http://forum.xda-developers.com/showthread.php?t=2052675 SGS3 I9300 ONLY. It seems to work for a number of people. It replaces some system libraries with libraries from a different firmware version that does not rely on /dev/exynos-mem. Do not attempt this unless your camera actually breaks due to the exploit, and beware it may cause you to have to reflash your firmware. Also beware that even though this change will not prevent OTAs from downloading, it can possibly prevent OTAs from flashing succesfully.

    Device status
    Using this patch may turn your device status into modified. There's not really a proper solution to that at the moment, but you can restore status by removing the patch (and SuperSU) again and rebooting your phone. This will however leave you unprotected again. Doing all sorts of weird stuff (like for example wiping data) to get rid of this modified status while you're still have the patch applied at boot or keep SuperSU around, is an exercise in futility. If you want to go ahead and do that, that is fine, but do not litter my thread with your comments. Because eventually, the modified status is likely to return :)

    Compatibility:
    (If your device isn't listed it could still be both compatible with the exploit as well as this fix !)

    Samsung Galaxy S2 GT-I9100

    Samsung Galaxy S3 GT-I9300
    Samsung Galaxy S3 LTE GT-I9305

    Samsung Galaxy Note GT-N7000

    Samsung Galaxy Note 2 GT-N7100
    Samsung Galaxy Note 2 LTE GT-N7105
    AT&T Galaxy Note 2 SGH-I317
    Verizon Galaxy Note 2 SCH-I605 both locked and unlocked bootloaders work

    Samsung Galaxy Camera EK-GC100

    Samsung Galaxy Tab Plus GT-P6210

    Samsung Galaxy Note 10.1 GT-N8000, GT-N8010, GT-N8013, GT-N8020

    Google Nexus 10 not compatible, Exynos5

    Post in this thread if you have a device to add.

    Notes
    I'm not sure if this APK will work right on Android 2.x devices (not tested yet), doesn't mean the exploit doesn't work. So if you're on Android 2.x and this APK doesn't work for you, try doing the exploit manually.

    Download

    Please do not redistribute, link to this thread instead

    v1.40 hashes:
    MD5: be4a373ff2848a16bfb948d7e1d1f7d2
    SHA1: 79670ab10da59ea58df222e94ad9e8ed83c791a9

    (v1.00: 3786; v1.10: 6397; v1.20: 12004; v1.30: 14480)
    104
    Changelogs

    2012.12.19 - v1.40
    - Added check for updates functionality
    - Added "current status" display
    - Split into sections for non-rooters and rooters
    - Added "One-click secure exploit patch" for those who just want to patch their device and forget about
    - Added ability to unroot and clean up the leftovers (optionally leaving the patch code in place)

    2012.12.18 - v1.30
    - Adjusted many things in the shell code, the app will now properly detect an install SuperSU/Superuser with the wrong permissions as NOT having root
    - Added a startup notification telling you your device/firmware is not susceptible to this exploit, if it isn't

    2012.12.17 - v1.20
    - Gingerbread-related fixes - note that not all Gingerbread firmwares of affected devices are vulnerable (for example, I know several SGS2 GB firmwares are not exploitable)
    - Added some spam (view my apps on Play, follow me on Twitter, that sort of BS)
    - Added icon

    2012.12.16 - v1.10
    - Added ability to disable and re-enable the exploit (which may break camera)
    - Added ability to disable exploit at boot (before any Play-installed app runs, other solutions run later which means they are still vulnerable)
    - Both above features require being rooted

    2012.12.16 - v1.00
    - Initial release
    53
    --- reserved as well ---
    18
    v1.10 released :)

    Just updated to v1.10 !

    This version allows you to disable the exploit (which may break camera), re-enable the exploit (if you need the camera) and to disable the exploit at boot (before any Android app runs). These options do require root (SuperSU or Superuser) to be installed as well.
    17
    I don't want to moderate 40+ pages of this thread, so please stop giving eachother bad advice.

    Do not listen to anybody that is advising you to NOT use the "on boot" patch.

    If you do not enable the patch at boot, and enable it manually later, you are not protected. Not even a little. Any malicious exploiter will include a run at boot, and if you run into that, you are screwed. Might as well not patch at all.

    Yes, it may break OTA, it may break camera (fixable though, see 1st post) and it may trigger modified status. If you don't want that, then don't patch. It's one or the other. You can't currently have it both ways.