Android Police

Articles Tagged:

exploit

...

[Exclusive] How To Root The AT&T HTC One X On Version 1.85 (Or Earlier)

While giving the AT&T HTC One X's firmware a look over, I ran across a a vulnerability that would allow us to gain root access. It turned out not to be all that useful at the time, as another root was released the same day. With the latest 1.85 firmware leak, the previously published root has been fixed, making the one I found earlier useful once again.

Update: AT&T disabled the app installation features of Ready2Go thereby breaking this root process.

Read More
...

LG Spectrum Gets Root Access Thanks To Dan Rosenberg

Dan Rosenberg, a security researcher and rooting mastermind, has done it again, this time making quick work of the LG Spectrum. In a post to his blog just moments ago, Rosenberg simply states "Yawn. LG loses, users win," and gives instructions on downloading the scripts he provides for Windows, Linux, and OSX.

Considering all that Rosenberg has done (and continues to do) for the community, I'd highly recommend supporting him by hitting the donate button below.

Read More
...

Motorola Xoom Family Edition Rooted (Again) Following Latest OTA Update

After learning that yesterday's XYBoard root (which was thought to work on all Gingerbread/Honeycomb Moto devices) didn't play nice with Motorola's Xoom Family Edition, highly respected security researcher Dan Rosenberg decided to have a look, hoping to bring root back to the FE.

In a post to his blog earlier today, Rosenberg announced that he has found a working exploit for rooting the Xoom Family Edition. Rosenberg has again beaten others to the punch, namely a developer called Evil_DevNull, who Rosenberg calls out in the post for the alleged plagiarism of a previous FE exploit.

Read More
...

[Updated: Prepaid Cards Are Back] Google Puts Prepaid Card Provisioning On Pause Following Wallet Security Scare

Following the discovery of two security exploits within Google Wallet, the Vice President of Google Wallet and Payments, Osama Bedier, released a statement reassuring readers that Google takes "concrete actions" to protect its users. The statement further indicated that, in response to Wallet's security scare, Google has put prepaid card provisioning on hold, at least until a permanent fix is issued (which should happen "soon").

Update 2/14/12: Prepaid card provisioning has been restored:

Yesterday afternoon, we restored the ability to issue new prepaid cards to the Wallet.

Read More
...

[Update: Download Now] DROID 4 Universal Motorola Root Methods Discovered, Both Being Withheld Until A $500 Bounty Is Raised

Update: You can download a batch script to root your DROID 4 now (you'll need to have USB debugging and Unknown Sources enabled in the Application settings menu). Find the file on this page, and if you can spare it, take the time to donate to Dan Rosenberg for finding the exploit. All proceeds will go directly to charity, in this case, the American Red Cross.

Widely known and respected security researcher Dan Rosenberg has evidently uncovered a root method for the Droid 4, in addition to a universal Motorola root method.

Read More
...

Google Wallet's PIN Verification Cracked (Again), No Root Access Required

Yesterday, a security firm called zvelo demonstrated a vulnerability within Google Wallet, cracking its PIN verification system using brute force, giving Wallet access to anyone who had the exploit. It was also revealed that the hack only worked on rooted devices, and Google swiftly reported that a fix for the bug was already being worked on.

Adding to Google Wallet's security worries, a new hack was posted online today, claiming to give access to Google Wallet (sans PIN) on non-rooted devices, requiring just a few steps to gain user information (and funds).

Read More
...

Sony Tablet S Finally Rooted, And Everything You Need Resides In One Little File

Pay attention to the name Dan Rosenberg, it's one that you're going to want to know for the future. He's the guy who brought us root for the Lenovo Thinkpad Tablet, and now he's back with a root method for the Sony Tablet S. His blog post on how he figured out the exploit is an absolutely fascinating read, albeit quite technical. Even if you don't understand the post in its entirety, you can still appreciate the genius at work to construct such a clever exploit.

Read More
...

[Download] BurritoRoot 2 Gives Root Access Back To Kindle Fire Users After 6.2.2 Update

Justin Case has done it again, bringing root access back to users of Amazon's Kindle Fire who accepted the recent firmware update to version 6.2.2. BurritoRoot 2 is an easy-to-use exploit that only requires adb (Android debug bridge) and a few moments of your time. Users looking to root their device after Amazon's latest firmware update can grab BurritoRoot 2 using the download mirrors below.

To use the exploit, just download the file and run the following commands from adb:

adb push BurritoRoot2.bin /data/local/

adb shell chmod 777 /data/local/BurritoRoot2.bin

adb shell /data/local/BurritoRoot2.bin

adb root

adb shell id

<if uid = 0 continue, if not start over>

adb remount

adb push su /system/xbin/su

adb shell chown 0.0 /system/xbin/su

adb shell chmod 06755 /system/xbin/su

adb remount

adb install Superuser.apk (skip this step if its already installed)

For more information, check out Justin's original thread over at XDA.

Read More
...

[Updated x2] Blackberry Playbook Now 'Root-able', Allows For Full Android Market Access

Update #1: Well, that was much faster than anyone expected - RIM has already released the patch for this exploit. The good news is that the patch isn't yet available in the 2.0 Beta, but you can bet that it will be rolled into the update before it hits the masses in its final form. If you happened to accept the update on the current version and still want to give this exploit a try, then you can always downgrade the OS.
Read More
...

Report: Security Vulnerability In Many Android Phones Allows Malicious Apps To Record Audio, Track Location, And More Without User Permission

According to a group of computer scientists at North Carolina State University, a vulnerability exists within many Android devices that would allow hackers (or malicious apps) to bypass the permissions request process and tap into audio and location, wipe apps and data, or send unauthorized SMS messages, all without the user knowing.

This news may sound a bit sensational, but the researchers have created and tested a dummy app which effectively demonstrates the exploit:

Among the eight phones tested with the researchers' diagnostic app (Woodpecker), HTC's Evo 4G seemed to be the most vulnerable, able to "leak" eight different capabilities to their dummy app, which was not explicitly granted appropriate permissions by the user.

Read More
Page 2 of 41234
Quantcast