[WIP] [LB] [TEMP ROOT] Z5/Z5C Backup of TA Partition / DRM Keys

By Flummi.FFM, Senior Member on 24th March 2016, 08:17 AM
Hello to everybody!

::::: A FEW WORDS BEFORE YOU ASK 100 TIMES THE SAME ;-P :::::

It has been told widely in these forums that permanent root on LB is impossible due to the Verified Boot process implemented by Sony (and now by other vendors. Future for LB devices seems to be "Live root" approach). What we would like to achieve is temporary root privileges using some exploit in order to back up the TA partition, for warranty purposes and for complete stock DRM restore.

THIS ARTICLE IS A WONDERFUL ENTRY POINT IF YOU WANT MORE INFORMATION

Guys, I am very proud that we could win user zxz0O0 for trying out abilities to use the CVE-2015-1805 security vulnerability to get temporary privileges for, e.g., backup of the TA Partition of our Xperia Z5/Z5C/Z5P.....

For those who want to know a little bit more about what we are discussing/testing here:

Android Security Advisory — 2016-03-18: https://source.android.com/security/...016-03-18.html

CVE: https://cve.mitre.org/cgi-bin/cvenam...=CVE-2015-1805

German article from t3n.de: http://t3n.de/news/google-android-si...luecke-691418/


CURRENT STATUS:

- ZXZ0O0 HAS FINISHED HIS WORK +++ Release for Z5/ Z5C/ Z5P coming soon!

You will need to flash build 32.0.A.6.200 kernel or lower!



LET US THANK:

- ZXZ0O0 FOR HIS AMAZING EFFORTS AND HIS PASSION INTO THIS
- IDLER1984 FOR HIS TESTCODE
- FOR TESTING ZXZ0O0's BUILDS: NINESTARKOKO, RIMMEDA, NILEZON AND ALL OTHERS IF I FORGOT SOMEONE



Greets and Cheers, Your Flummi.FFM
24th March 2016, 08:45 AM |#2  
Junior Member
Well, we got Linux Kernel 3.10, which is affected by this exploit. This could make root possible, but we have to know how the root app is called 😁
24th March 2016, 08:50 AM |#3  
Flummi.FFM, OP Senior Member, location: Frankfurt am Main
I will look as soon as I have time here
24th March 2016, 10:01 AM |#4  
daveyp187, Member
Lurking
24th March 2016, 10:15 AM |#5  
Senior Member
old news mate.

http://forum.xda-developers.com/xper...ragon-t3338173

another forummer already pointed this out.

unless you know how to roll back old linux kernel and overcome SELinux
24th March 2016, 10:15 AM |#6  
Tommy-Geenexus, Senior Member, location: I live on a Stone Hill.
Quote:
Originally Posted by Flummi.FFM

Good morning to everyone!

Just a few minutes ago on the way to my workplace I just found an article about the CVE-2015-1805 security issue.


Sources:

Android Security Advisory — 2016-03-18: https://source.android.com/security/...016-03-18.html

CVE: https://cve.mitre.org/cgi-bin/cvenam...=CVE-2015-1805

German article from t3n.de: http://t3n.de/news/google-android-si...luecke-691418/


Is THIS what we all waited for to get root on Locked Bootloader? Is here maybe someone who is able to say something about these articles?

Or maybe it is even worth to be evaluated in other device's threads to get people in knowledge of this "security issue"?

Full of hope that someone here is able to workout something on this base, Greets and cheers....

Sony released MM firmware with this CVE already being fixed.
24th March 2016, 11:15 AM |#7  
Flummi.FFM, OP Senior Member, location: Frankfurt am Main
Quote:
Originally Posted by frostmore

old news mate.

http://forum.xda-developers.com/xper...ragon-t3338173

another forummer already pointed this out.

unless you know how to roll back old linux kernel and overcome SELinux

In the other thread they talk about CVE-2016-0819 and CVE-2016-0805, which affect especially Snapdragon SoCs......

The articles which I found are talking about CVE-2015-1805......

I don't think that we are talking about the same. CVE-2015-1805 affects possibly every kernel version 3.4, 3.10 and 3.14.....

If Sony already has fixed the 2015-1805 even while Google itself "forgot", could you tell me where I can find information about a fix by Sony?




Quote:
Originally Posted by Tommy-Geenexus

Sony released MM firmware with this CVE already being fixed.

24th March 2016, 11:31 AM |#8  
Tommy-Geenexus, Senior Member, location: I live on a Stone Hill.
Quote:
Originally Posted by Flummi.FFM

If Sony already has fixed the 2015-1805 even while Google itself "forgot", could you tell me where I can find information about a fix by Sony?

Simple: I just tried to patch the kernel, and found it has already included the fix.

The patch exists since mid-2015, it's just that devices were recently exploited using this regression, and Google reacted.
24th March 2016, 12:08 PM |#9  
Flummi.FFM, OP Senior Member, location: Frankfurt am Main
Thx then for your reply......
24th March 2016, 03:33 PM |#10  
Flummi.FFM, OP Senior Member, location: Frankfurt am Main
Quote:
Originally Posted by Tommy-Geenexus

Simple: I just tried to patch the kernel, and found it has already included the fix.

The patch exists since mid-2015, it's just that devices were recently exploited using this regression, and Google reacted.

I found out that in the source of Release 32.0.a.4.11 the issue IS NOT fixed.......

Maybe a Base for a root solution after downgrade?
24th March 2016, 05:04 PM |#11  
uripiruli, Senior Member, location: Barcelona
Quote:
Originally Posted by Flummi.FFM

I found out that in the source of Release 32.0.a.4.11 the issue IS NOT fixed.......

Maybe a Base for a root solution after downgrade?

Hi man!!
How did you see it?
I asked about it. Maybe zxz0o0, a dev of Z3, will help us. I hope he sees it

Fingers crossed

Sent from my E6653 using Tapatalk