Root for Gingerbread

[aliasxerog]

Try this. Segfaulted for me, but someone else might be able to get it. thanks to @mjsalinger on twitter and |daver| on irc.

Full Disclosure: Linux kernel exploit

It will give you a temp root. From there anything is possible.

[currentweb]

I understand half of this, but what I do understand seems promising! Temp root is always the first step, and often the toughest part of getting a permanent one.
Good work, you never cease to amaze

[luigi90210]

if we had temp root couldnt we move the proper file needed to obtain root into the /system directory and set the proper permissions to them so we do have perm. root?

[milan616]

I don't have any ability to test this (and am not installing GB anyway), but this comment might help you alias.

Temporary workaround (for all distributions, not just openSUSE): echo 1 > /proc/sys/kernel/panic_on_oops This will now panic the machine instead of making it exploitable.
Maybe on our phones this value is set? Then again can we even make changes to /proc without root?

[Strikeir13]

Try this. Segfaulted for me, but someone else might be able to get it. thanks to @mjsalinger on twitter and |daver| on irc.

Full Disclosure: Linux kernel exploit

It will give you a temp root. From there anything is possible.

I'm willing to try, but I need a little more guidance...

Do I create a file with this text, name it 'full-nelson' and try executing it from adb shell?

Like I said, more than willing to try but some further instruction is necessary :/

[aliasxerog]

I don't have any ability to test this (and am not installing GB anyway), but this comment might help you alias.

Temporary workaround (for all distributions, not just openSUSE): echo 1 > /proc/sys/kernel/panic_on_oops This will now panic the machine instead of making it exploitable.
Maybe on our phones this value is set? Then again can we even make changes to /proc without root?

The value is set, but the exploit worked on my gentoo box with that set.

[WugFresh]

@aliasxerog
You the man, thanks for all your hard work on this!

{{ WugFresh }}

[Jaxidian]

Awesome! Hope this pans out!

[milan616]

Well I guess the only other comments I can make are from other things in the email chain. Is Econet compiled into our kernels? Seems that is the main requirement of this attack.

[DJxPanda]

Holy balls this is cool! Yes agreed that further guidance in this would be very cool. Id also be very down tp try this. Now. The question here is this. When does this root become not in effect? Is it when the device powers off? And when that happens would you be able to just run the exploit again to get rooted again? Also what kind of capabilities can we speculate about this? Rom flashes?

Sent from my DROIDX using DroidForums App