mercredi 24 décembre 2014

Verizon Moto G bootloader unlock exploit topic

20:33

I haven't posted on XDA for a while, but recently my friend purchased a Verizon Motorola G for himself and couldn't find a way to unlock the bootloader.

Being *that* kind of friend and all, I did a bit of research and discovered this:
http://blog.azimuthsecurity.com/2013...ootloader.html

I was curious if this exploit was still viable, so I quickly captured the latest OTA update of the Verizon Moto G firmware and started IDA...
Amazingly, although the exploitation method would have to be a little different due to changes in the TrustZone kernel,
the original arbitrary memory writing vulnerability still existed and could be exploited.


Code:

int __fastcall smc_vector(int code, int arg1, int arg2, int arg3, int alwaysZero)
{
    .........
    do
    {
      *(_DWORD *)(_R6 + 4 * v40) = dword_FC492C8[v40];
      ++v40;
    }
    while ( v40 < 4 );
    .........
}


The only downside is that to perform said exploit, the smc call would have to execute in kernel context (i.e. kernel space).
Has anyone capitalized on said vulnerability yet and built a bootloader unlocker using this method, or do I have to get to work
and release my own "exploit" for this bug?

Or is there some other technical problem hindering the feasibility of all of this?
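An added illustration of the bug class in the decompiled loop above (this is constructed example code, not from the post, the Azimuth write-up or the Moto G firmware): a handler that copies four secure-world words to a caller-supplied destination without any check, next to a version that refuses any destination outside a non-secure shared window. The memory map, the addresses and the four result words are stand-ins chosen for the simulation.

```c
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
/* Constructed stand-in for physical memory: a "secure" region followed by one
 * non-secure shared window the normal world may receive data in. Addresses and
 * sizes are illustrative, not the Moto G's real layout. */
#define MEM_SIZE     0x2000u
#define NS_SHM_BASE  0x1000u
#define NS_SHM_SIZE  0x1000u
static uint8_t phys_mem[MEM_SIZE];

/* Stand-in for dword_FC492C8: the four words the handler copies out. */
static const uint32_t secure_result[4] = { 0x11111111u, 0x22222222u,
                                           0x33333333u, 0x44444444u };

/* Vulnerable shape of the decompiled loop: dst comes straight from the SMC
 * caller (R6) and nothing checks where it points. The MEM_SIZE guard only keeps
 * this simulation inside its array; the real handler has no such limit. */
int smc_copy_unchecked(uint32_t dst)
{
    for (uint32_t i = 0; i < 4; i++) {
        uint32_t off = dst + 4u * i;
        if (off > MEM_SIZE - 4u) return -2;
        memcpy(&phys_mem[off], &secure_result[i], 4);
    }
    return 0;
}

/* True only if [dst, dst+len) is word aligned and lies entirely inside the
 * non-secure window; arranged so dst + len can never wrap around. */
bool dst_in_nonsecure(uint32_t dst, uint32_t len)
{
    if (dst % 4u != 0 || len > NS_SHM_SIZE || dst < NS_SHM_BASE) return false;
    return (dst - NS_SHM_BASE) <= (NS_SHM_SIZE - len);
}

/* Hardened handler: same copy, refused unless the destination is one the
 * normal world is entitled to. */
int smc_copy_checked(uint32_t dst)
{
    if (!dst_in_nonsecure(dst, sizeof secure_result)) return -1;
    return smc_copy_unchecked(dst);
}

/* Reads back a word of the simulated memory (for inspection/tests). */
uint32_t read_word(uint32_t addr) { uint32_t w; memcpy(&w, &phys_mem[addr], 4); return w; }
```

The checked variant is the shape of the fix a vendor would ship: the write itself is unchanged, only the provenance of the pointer is validated before it is used.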
