Generic Root Guide: Works for MOST of the platform.

Looking for help doing something. This is one of the best places to start.
zenofex
2.1 Eclair
Posts: 173
Joined: Mon Jul 25, 2011 4:16 pm

Generic Root Guide: Works for MOST of the platform.

Post by zenofex »

We've posted a tutorial on exploiting the most recently released android vulnerability which affects the Google TV platform. This process uses a tool called Cydia Impactor by Saurik which allows execution of commands as the "system" user. On some devices this can easily be leveraged for root and on others there is not a known public privilege escalation available.

Saurik's Analysis of the Bug: http://www.saurik.com/id/17

Exploiting Key Signing Tutorial: http://gtvhacker.com/index.php/Exploiti ... g_for_Root

This bug is separate from anything we plan to release at DEF CON. If your device is not currently exploitable check back in a few weeks :)

This thread will be used to help users troubleshoot the exploit process, for updates needing to be made to the wiki in the tutorial, and for anything else relevant to this bug.

Thanks,
Zenofex
Bitcoin donations can be sent to:
15mb6ER9gbujUXJABBd146W34FwWX2F1Lx
sarreq
Android 1.0
Posts: 1
Joined: Mon Jul 22, 2013 3:52 am
GTV Device Owned: Vizio Co-Star

Re: Generic Root Guide: Works for MOST of the platform.

Post by sarreq »

has anyone tried this on the Vizio CoStar?

edit: nevermind, I missed that section. WOOHOO!!! :D
bovoro
Android 1.0
Posts: 43
Joined: Tue Nov 20, 2012 11:30 am
GTV Device Owned: Sony NSZ-GS7 (v2 streamer)

Re: Generic Root Guide: Works for MOST of the platform.

Post by bovoro »

I tried to install on my NSZ GS7, but in the end I get permission denied on the temporary folder
bovoro
Android 1.0
Posts: 43
Joined: Tue Nov 20, 2012 11:30 am
GTV Device Owned: Sony NSZ-GS7 (v2 streamer)

Re: Generic Root Guide: Works for MOST of the platform.

Post by bovoro »

i got this screen in last "Program Output":

### Google TV Modification Package ###
For Support Visit: http//wwwGTVHacker.com
/data/local/tmp/impactor-1:cannot create /tmp/log: permission denied
bovoro
Android 1.0
Posts: 43
Joined: Tue Nov 20, 2012 11:30 am
GTV Device Owned: Sony NSZ-GS7 (v2 streamer)

Re: Generic Root Guide: Works for MOST of the platform.

Post by bovoro »

Where is everybody? , I have the perception that this forum is dying
User avatar
jbloggs
1.5 Cupcake
Posts: 62
Joined: Sat May 05, 2012 10:53 am
GTV Device Owned: NSZ-GT1 (Bluray Player)

Re: Generic Root Guide: Works for MOST of the platform.

Post by jbloggs »

Seems like no one has been successful yet.

Oh BTW, when is DEF CON?
zenofex
2.1 Eclair
Posts: 173
Joined: Mon Jul 25, 2011 4:16 pm

Re: Generic Root Guide: Works for MOST of the platform.

Post by zenofex »

bovoro wrote:i got this screen in last "Program Output":

### Google TV Modification Package ###
For Support Visit: http//wwwGTVHacker.com
/data/local/tmp/impactor-1:cannot create /tmp/log: permission denied
This does not get root on the NSZ-GS7/8. What you're seeing is that the initial command from impactor is going through and placing a

Code: Select all

ro.kernel.qemu=1
within your /data/local.prop. On the Sony and Logitech devices this does not actually escalate from system privileges to root. I believe this however, does work on all other GTV devices.

As for the Logitech and Sony users, we're working on something for you guys.
jbloggs wrote:Seems like no one has been successful yet.

Oh BTW, when is DEF CON?
I can at some point go and test more of my devices. However its been pretty hectic getting things ready for DEF CON.

DEFCON August 1st-4th

Thanks,
Zenofex
Bitcoin donations can be sent to:
15mb6ER9gbujUXJABBd146W34FwWX2F1Lx
bovoro
Android 1.0
Posts: 43
Joined: Tue Nov 20, 2012 11:30 am
GTV Device Owned: Sony NSZ-GS7 (v2 streamer)

Re: Generic Root Guide: Works for MOST of the platform.

Post by bovoro »

I'm testing the new version of cydia impactor, and really works , congrats devs =)
wejgomi
Android 1.0
Posts: 2
Joined: Tue Jul 30, 2013 12:04 pm
GTV Device Owned: NSZ-GT1 (Bluray Player)

Re: Generic Root Guide: Works for MOST of the platform.

Post by wejgomi »

What about Sony NSZ-GT1 ? Anybody with success running exploit ? Tried both ways to no avail. Also may need a separate busybox as x86 architecture.
famewolf
Android 1.0
Posts: 15
Joined: Sun Apr 01, 2012 6:36 am
GTV Device Owned: Logitech Revue

Re: Generic Root Guide: Works for MOST of the platform.

Post by famewolf »

Is there a version of Cydia Impactor for linux users? We have adb access etc......what can currently be accomplished with root on logitech revue without file read/write? Is that only for data partition or also system? can I install apps or remove apps?
Post Reply