Generic Root Guide: Works for MOST of the platform.

[zenofex]

We've posted a tutorial on exploiting the most recently released android vulnerability which affects the Google TV platform. This process uses a tool called Cydia Impactor by Saurik which allows execution of commands as the "system" user. On some devices this can easily be leveraged for root and on others there is not a known public privilege escalation available.

Saurik's Analysis of the Bug: http://www.saurik.com/id/17

Exploiting Key Signing Tutorial: http://gtvhacker.com/index.php/Exploiti ... g_for_Root

This bug is separate from anything we plan to release at DEF CON. If your device is not currently exploitable check back in a few weeks

This thread will be used to help users troubleshoot the exploit process, for updates needing to be made to the wiki in the tutorial, and for anything else relevant to this bug.

Thanks,
Zenofex

[sarreq]

has anyone tried this on the Vizio CoStar?

edit: nevermind, I missed that section. WOOHOO!!!

[bovoro]

I tried to install on my NSZ GS7, but in the end I get permission denied on the temporary folder

[bovoro]

i got this screen in last "Program Output":

### Google TV Modification Package ###
For Support Visit: http//wwwGTVHacker.com
/data/local/tmp/impactor-1:cannot create /tmp/log: permission denied

[bovoro]

Where is everybody? , I have the perception that this forum is dying

[jbloggs]

Seems like no one has been successful yet.

Oh BTW, when is DEF CON?

[zenofex]

i got this screen in last "Program Output":

### Google TV Modification Package ###
For Support Visit: http//wwwGTVHacker.com
/data/local/tmp/impactor-1:cannot create /tmp/log: permission denied

This does not get root on the NSZ-GS7/8. What you're seeing is that the initial command from impactor is going through and placing a

Code: Select all

ro.kernel.qemu=1

within your /data/local.prop. On the Sony and Logitech devices this does not actually escalate from system privileges to root. I believe this however, does work on all other GTV devices.

As for the Logitech and Sony users, we're working on something for you guys.

Seems like no one has been successful yet.

Oh BTW, when is DEF CON?

I can at some point go and test more of my devices. However its been pretty hectic getting things ready for DEF CON.

DEFCON August 1st-4th

Thanks,
Zenofex

[bovoro]

I'm testing the new version of cydia impactor, and really works , congrats devs =)

[wejgomi]

What about Sony NSZ-GT1 ? Anybody with success running exploit ? Tried both ways to no avail. Also may need a separate busybox as x86 architecture.

[famewolf]

Is there a version of Cydia Impactor for linux users? We have adb access etc......what can currently be accomplished with root on logitech revue without file read/write? Is that only for data partition or also system? can I install apps or remove apps?