EXPLOIT Posts on XDA

This exploit lets you unlock the bootloader of the Google Chromecast with Google TV

The Google Chromecast with Google TV is one of the best media streaming dongles out there. The little piece of hardware not only unlocks 4K video streaming at 60fps for connected devices, but it also brings support for HDR content, Dolby Vision, and Dolby Atmos audio. The device can even be considered a capable gaming...

It’s now easy to bypass MediaTek’s SP Flash Tool authentication

Devices with MediaTek chipsets have a BROM (boot ROM) that normally loads the preloader, which in turn boots the Android system; the BROM also houses an alternative boot mode known as Download mode. It is intended strictly for OEM servicing and can be used to unbrick a device, much like Qualcomm’s Emergency Download Mode (EDL). A MediaTek-made...

Here’s why you should be wary of installing anything that sets SELinux to permissive

In the world of Android modding, people tend to regard root access as the cornerstone of all things. It allows users to take complete control of their devices and add features that aren't always available in the stock configuration. But as they say — "with great power comes great responsibility" — it's not wise to...
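A practical check to go with that warning, added here as an example and not taken from the XDA article: a small POSIX shell audit that scans a boot-time script (a Magisk-style module script, for instance) for the commands that put SELinux into permissive mode. The function names, the two sample module scripts and the pattern list are this example's own assumptions; the mechanisms it looks for (`setenforce 0`, writing `/sys/fs/selinux/enforce`, and the `androidboot.selinux=permissive` kernel parameter) are the standard ways enforcement gets switched off on Android.

```shell
#!/bin/sh
# Added example: audit a script for commands that drop SELinux to permissive.
# Not code from the XDA article; helper names and sample scripts are constructed.

# Ways a script can put SELinux into permissive mode on Android:
#   setenforce 0 / setenforce permissive   -- toolbox/toybox command
#   ... > /sys/fs/selinux/enforce          -- writing the selinuxfs node directly
#   androidboot.selinux=permissive         -- kernel command line parameter read by init
PERMISSIVE_PATTERNS='setenforce[[:space:]]+(0|[Pp]ermissive)|/sys/fs/selinux/enforce|androidboot\.selinux=permissive'

# Lists offending lines as "<lineno>:<text>", skipping lines that are only comments.
find_selinux_findings() {
    grep -nE "$PERMISSIVE_PATTERNS" "$1" | grep -vE '^[0-9]+:[[:space:]]*#' || true
}

# Number of offending (non-comment) lines in the file.
count_selinux_findings() {
    find_selinux_findings "$1" | wc -l | tr -d ' '
}

# Prints findings; returns 0 when the script is clean, 1 when it is not.
audit_selinux_script() {
    hits=$(find_selinux_findings "$1")
    if [ -n "$hits" ]; then
        printf 'Permissive SELinux commands found in %s:\n%s\n' "$1" "$hits"
        return 1
    fi
    printf '%s: no permissive SELinux commands found\n' "$1"
    return 0
}

# Live enforcement state when run on a device; "unknown" elsewhere.
current_selinux_mode() {
    if [ -r /sys/fs/selinux/enforce ]; then
        case "$(cat /sys/fs/selinux/enforce)" in
            1) echo Enforcing ;;
            0) echo Permissive ;;
            *) echo unknown ;;
        esac
    else
        echo unknown
    fi
}

# Constructed sample inputs so the example runs offline.
EXAMPLE_DIR=$(mktemp -d)
cat > "$EXAMPLE_DIR/bad_module.sh" <<'EOF'
#!/system/bin/sh
# post-fs-data script of a hypothetical module (constructed sample)
mount -o remount,rw /system
setenforce 0
echo "androidboot.selinux=permissive" >> /data/local/cmdline_override
EOF

cat > "$EXAMPLE_DIR/good_module.sh" <<'EOF'
#!/system/bin/sh
# post-fs-data script that leaves SELinux enforcing (constructed sample)
# setenforce 0   <- commented out, must not count as a finding
resetprop ro.build.tags release-keys
EOF

# Usage: the bad script yields two findings and a non-zero status; the good one none.
audit_selinux_script "$EXAMPLE_DIR/bad_module.sh" || true
audit_selinux_script "$EXAMPLE_DIR/good_module.sh"
echo "current mode: $(current_selinux_mode)"
```

Run the audit over every script a module or "mod" ships before flashing it; a match is a reason to ask why the author needs to disable enforcement at all rather than write a policy for what the module actually does.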

Critical MediaTek rootkit affecting millions of Android devices has been out in the open for months

On the first Monday of every month, Google publishes the Android Security Bulletin, a page that discloses the security vulnerabilities and their patches reported by Google itself or by third parties. Today was no exception: Google just made public the Android Security Bulletin for March 2020. One of the vulnerabilities documented in the...

Fortnite Installer could be abused to silently install apps on Galaxy phones

The launch of Fortnite Mobile on Android hasn't been too great, especially since many of the supported devices really struggle to play the game with acceptable frame rates. The game launched as a Samsung Galaxy exclusive for only 3 days. The Fortnite Installer was first available on Samsung Galaxy Apps before Epic Games allowed non-Samsung...

Google acquires GraphicsFuzz, a firm which specializes in testing GPU reliability

Google has acquired GraphicsFuzz to improve GPU reliability within the Android ecosystem. GraphicsFuzz is a firm that specializes in GPU reliability testing: it builds graphics driver testing tooling that can be used to find bugs in graphics drivers. The firm then discloses these bugs to GPU vendors, OEMs, or any other involved parties and works...

SunShine bootloader unlock (S-Off) tool now supports the HTC U12+

SunShine is a popular tool used primarily on HTC devices for enabling S-OFF. The tool was updated to support the HTC U11 earlier this year, and now it supports the HTC U12+. Without S-OFF, modding HTC devices is considerably harder. This release should open the door to the true modding capability...

OxygenOS 5.1.7 update for the OnePlus 6 fixes bootloader vulnerability

Following a slew of updates for the OnePlus 6 since its launch, OxygenOS 5.1.7 is the first to contain only bug fixes and security enhancements. The first big fix in this update pertains to the bootloader vulnerability uncovered by a security researcher last week. It has been patched with an updated bootloader, so users are...

[Update: Fix] Bootloader Protection Bypass Discovered on OnePlus 6 (requires physical access)

The OnePlus 6 was made official in the middle of last month. The device has only recently started to make its way into the hands of consumers and developers on our forums, and already we're hearing about the work that's being done. An official build of TWRP is already available and work is progressing nicely...

New Rowhammer Exploits use Hardware Vulnerabilities to Root LG, Samsung, and Motorola Devices

Google is constantly at war with hackers seeking to maliciously exploit security vulnerabilities in its products. Back in mid-2014, Google assembled a team of security researchers called 'Project Zero' to find zero-day vulnerabilities and report them so they can be patched before any malicious third party can take advantage of the undisclosed security hole....

2015 Samsung Lock Bypass Exploit Details Revealed

In December 2015 an exploit was revealed on Twitter that showed a Samsung Galaxy S6 lock screen being bypassed: https://twitter.com/rpaleari/status/674983960162787328. Not much was revealed at the time beyond the proof of concept. Now that the disclosure period has expired, the details are making their way out to the public. The exploit was pushed to GitHub on Monday...

NorthBit Releases Metaphor Source on Github

On Thursday, NorthBit Advanced Software Research publicly released source code for Metaphor, its exploit for the Stagefright vulnerability. Metaphor has been making its run through the news cycle due to the large footprint of devices likely affected. NorthBit estimated the number of affected devices at no fewer than 235 million, those running Android 5.0 or 5.1....