[Q] what is this Exploit.Linux.Lotoor.g - General Questions and Answers

This site tried to put this on my PC when I joined here.

I also just got this alert when clicking to download an attachment added to a post here: SuperOneClick.
Could it be a false positive of some sort? The download hadn't begun, so I doubt it was the actual attachment that was infected.

"The requested URL cannot be provided
The requested object at the URL:
http://forum.xda-developers.com/attachment.php?attachmentid=437039&d=1289271263
Threat detected:
object is infected by Exploit.Linux.Lotoor.g"

I am seeing it too
I am getting an alert from Kaspersky that the rageagainstthecage file in SuperOneClickv1.5.5-ShortFuse.zip is infected with Exploit.Linux.Lotoor.g.
Kaspersky report:
detected: Trojan program Exploit.Linux.Lotoor.g file: C:\Documents and Settings\user\Desktop\SuperOneClickv1.5.5-ShortFuse\rageagainstthecage
I expect this is a false positive due to the nature of the application, but I'd like someone brighter than me to confirm.
Thanks!

I'm going to have to agree with the false positive, considering it says it's a Linux exploit in the name. RaTC is an exploit to get root on Android, which is a form of Linux. I've also used SuperOneClick, so I know it's not malicious.

Well, maybe it is malicious if we take into consideration this:
...
Troj/DroidD-A
Aliases
* Exploit.Linux.Lotoor.k
* Exploit.Linux.Lotoor.g
* Trojan-Downloader.AndroidOS.Rooter.a
* Android.Rootcager
* Backdoor.AndroidOS.Rooter.a
* Trojan-Downloader.AndroidOS.Rooter.b
* Exploit.Linux.Lotoor.l
...
Troj/DroidD-A is malware for Google Android phones. It purports to be a legitimate application and had been on Google Market before it was taken down.
...
All the packages contain a repackaged legitimate application with a trojan package in com.android.root, which is specified to start its action prior to the normal application.
* It can access TelephonyManager and steal the IMEI (International Mobile Equipment Identity) and IMSI (International Mobile Subscriber Identity) codes, and various other data.
* It then adds this information into an XML file
<?xml version="1.0" encoding="UTF-8"?>
<Request>
<Protocol>1.0</Protocol>
<Command>0</Command>
<ClientInfo>
<Partner>%s</Partner>
<ProductId>%s</ProductId>
<IMEI>%s</IMEI>
<IMSI>%s</IMSI>
<Modle>%s</Modle>
</ClientInfo>
</Request>
* using a simple XOR byte encryption with a key predefined in the class adbRoot. The decrypted byte buffer contains the IP address and the URL of the server which is used to post data about the infected phone in XML format using an HTTP POST request.
The package also contains and runs a set of privilege escalation exploits. These exploits are detected by Sophos as PUA HackTool "Android Local Root Exploit".
After obtaining root privilege, it tries to install another DownloadProviderManager.apk (as package com\android\providers\downloadsmanager) which is the payload (also detected as Troj/DroidD-A).
This payload runs as a background service "DownloadManageService" and starts whenever the phone is booted up.
* It will try to access even more information and report back, including trying to enumerate packages installed on the phone and then report back to the same control center.
* It has a function to install additional packages from remote download.
...
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdroidda.html
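The Sophos write-up quoted above describes two artefacts an analyst can key on: a XOR-obscured buffer inside the binary that decodes to the control server's IP address and URL, and the <Request>/<ClientInfo> XML document the phone sends in an HTTP POST. What follows is an added example, not code from the thread or from Sophos: a small Python helper that recovers the server address from such a buffer when the key is known, and flags captured POST bodies that follow that schema. The key, the obscured blob and the sample POST bodies are constructed placeholders; the real key in the adbRoot class is not on the page, and the XOR routine is the generic repeating-key form rather than a copy of the malware's own code.

```python
import re
import xml.etree.ElementTree as ET

# Constructed placeholder; the real key lives in the malware's adbRoot class and is not on the page.
DEMO_KEY = b"placeholder-key-not-the-real-one"


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same call both obscures and recovers the buffer."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def recover_c2(blob: bytes, key: bytes) -> list[str]:
    """Decode a XOR-obscured buffer and pull out IPv4 addresses and URLs from it."""
    text = xor_bytes(blob, key).decode("latin-1")
    return re.findall(r"https?://[^\s\x00]+|\b(?:\d{1,3}\.){3}\d{1,3}\b", text)


def looks_like_droiddream_beacon(body) -> bool:
    """Detection over one HTTP POST body (str or bytes): a <Request> root whose
    <ClientInfo> carries both IMEI and IMSI, as in the schema Sophos quotes."""
    if isinstance(body, str):
        body = body.encode("utf-8")
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return False
    if root.tag != "Request":
        return False
    info = root.find("ClientInfo")
    if info is None:
        return False
    tags = {child.tag for child in info}
    return {"IMEI", "IMSI"} <= tags


def scan_bodies(bodies: list[str]) -> list[int]:
    """Indexes of the POST bodies that match the beacon schema."""
    return [i for i, body in enumerate(bodies) if looks_like_droiddream_beacon(body)]


# Constructed sample: a plaintext config (documentation-range address) obscured with DEMO_KEY,
# standing in for the buffer the binary carries.
CONSTRUCTED_BLOB = xor_bytes(b"192.0.2.10\x00http://192.0.2.10/beacon.php", DEMO_KEY)

# Constructed sample POST bodies: one in the exfiltration schema, one benign, one not XML.
SAMPLE_POST_BODIES = [
    '<?xml version="1.0" encoding="UTF-8"?>'
    "<Request><Protocol>1.0</Protocol><Command>0</Command><ClientInfo>"
    "<Partner>demo</Partner><ProductId>1</ProductId><IMEI>000000000000000</IMEI>"
    "<IMSI>000000000000000</IMSI><Modle>TestDevice</Modle></ClientInfo></Request>",
    "<Request><Protocol>1.0</Protocol><Command>0</Command>"
    "<ClientInfo><Partner>demo</Partner></ClientInfo></Request>",
    "user=alice&action=login",
]

if __name__ == "__main__":
    print("server indicators:", recover_c2(CONSTRUCTED_BLOB, DEMO_KEY))
    print("beacon-like bodies:", scan_bodies(SAMPLE_POST_BODIES))
```

The detection deliberately keys on the structure (a <Request> whose <ClientInfo> carries IMEI and IMSI) rather than on any particular server address, since the address is exactly the part the malware keeps obscured; run over proxy or packet-capture extracts it catches the beacon regardless of where it is posted.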

That is so confusing lol. Tbh though, I doubt they'd be malicious or else they'd be taken down off of XDA. If they were, I'm sure they'd be taken down straight away as that would be MOST DEFINITELY against the rules. Wait to see what a mod or something says though.

Skellyyy said:
That is so confusing lol. Tbh though, I doubt they'd be malicious or else they'd be taken down off of XDA. If they were, I'm sure they'd be taken down straight away as that would be MOST DEFINITELY against the rules. Wait to see what a mod or something says though.
Has anyone got a live link to an example of this?

pulser_g2 said:
Has anyone got a live link to an example of this?
Seen this in a previous post, don't know if it'll help but here: http://forum.xda-developers.com/attachment.php?attachmentid=437039&d=1289271263
Btw, I could swear you're stalking me. jk.

pulser_g2 said:
Has anyone got a live link to an example of this?
Here is another link (xda-dev as host): http://forum.xda-developers.com/attachment.php?attachmentid=591335&d=1304969547
Hope it can be solved.
Thx from Germany

Has anyone confirmed or denied that this is a trojan? Kaspersky detected this file on my computer (backup of my SD card). That file was used when I rooted my phone, so I am concerned. By the way, the two links posted above do not work.

Gaining root privileges seems to be reasonable (especially if it's part of rooting your droid); however, its legitimacy depends on the reason.
In plain English, I'm trying to say that the question about lotoor should be answered per attachment (tool) and not on a global basis.
BTW: lotoor is also detected (VirusTotal 14/42) for the zr file which is part of MTKdroidTools. I'm not qualified enough to answer if this is legit.

I got this when I downloaded the ace hack kit, but disregard it.

Of COURSE it's a malicious exploit!
If you have specifically rageagainstthecage or zergrush, congratulations, your virus software has successfully discovered your ROOTING software for what it is - a malicious Linux-based exploit used to root Android devices!
Remember when the phone manufacturers locked the door to root? Remember we decided to break in and root 'em anyway? These Linux exploits are what break the lock - (Super) One Click Root, root.jar files, root.exe files, etc etc. All executables with these 'viruses' that root your phone. That isn't to say you guys don't have something that may well be dangerous to Linux machines, but if you still have rooting software on your Windows PC, then this is most likely what it is, and it's a-okay.
Hope you guys are sighing with relief

The4thDoctor said:
Has anyone confirmed or denied that this is a trojan? Kaspersky detected this file on my computer (backup of my SD card). That file was used when I rooted my phone, so I am concerned. By the way, the two links posted above do not work.
voshell said:
This site tried to put this on my PC when I joined here.
Have you downloaded or installed "Exynos Abuse" to root a Samsung/Exynos-powered device?
Because that's what I have, and I get it all the time on my antivirus, Kaspersky.
Exynos Abuse main development page http://forum.xda-developers.com/showthread.php?t=2050297

Wait a minute... but my Kaspersky detected it in a file named "root me" on the computer. I did root my Samsung Mini 2 with it, yet it's STILL fully functional after Kaspersky quarantined it!!
Is it something else?

Related

Virus on superoneclick?

Microsoft Security Essential:
Exploit:AndroidOS/CVE-2011-1823
Category: Exploit
Description: This program is dangerous and exploits the computer on which it is run.
Recommended action: Remove this software immediately.
I was about to flash ZEUS, but when I downloaded the link from YouTube it just happened.
Is that a good idea to keep using it?
Thanks
reactorcooler said:
Microsoft Security Essential:
Exploit:AndroidOS/CVE-2011-1823
Category: Exploit
Description: This program is dangerous and exploits the computer on which it is run.
Recommended action: Remove this software immediately.
I was about to flash ZEUS, but when I downloaded the link from YouTube it just happened.
Is that a good idea to keep using it?
Thanks
If you download anything, I would make sure it originated on XDA (did the video have a link to XDA?)...it's probably a false-positive though...
It is well known that virus protection may pick rageagainstthecage out as malicious code. It may also find zergrush or psneuter as well, as these exploits can be used to push malware to the phone.
It's not a virus in SOC. It's just a file that is associated with malware.
Dani897 said:
It is well known that virus protection may pick rageagainstthecage out as malicious code. It may also find zergrush or psneuter as well, as these exploits can be used to push malware to the phone.
It's not a virus in SOC. It's just a file that is associated with malware.
What he said lol^^
turn off your antivirus when trying to use SOC.
I wouldn't download anything from YouTube when it comes to an XDA application. Only use the XDA site for the proper things that are needed for your device. All XDA stuff that I have used and seen is virus free, including SuperOneClick.

[GUIDE] How to gain root shell on 2016 Honda Pilot (and now install apps!!!)

Disclaimer - this is your vehicle you are messing with. If you are not comfortable with potentially permanently damaging the head unit, stop here.
Now for the good stuff.
Credit where credit is due: this method relies on the recent "dirtycow" exploit. I used the POC Android exploit code located here:
https://github.com/timwr/CVE-2016-5195
This exploit in simple terms takes advantage of a Linux kernel bug that allows a (small) file to be "overwritten", when a user only has read access to that file. It doesn't actually modify filesystem contents, but any application that reads the file after the exploit is used will read the "new", post-exploit contents instead of the original.
The scripts attached use the dirtycow binary to overwrite the "/system/etc/factory_reset.sh" shell script with a nefarious version. This script is executed when you perform a factory reset operation through the settings menu, and gets executed as the root user.
The nefarious script is quite simple - it just calls another script that is uploaded and performs a reboot. The second script mounts the /system partition as R/W, then copies over an su binary and sets appropriate permissions, then syncs and mounts read only again.
Please note that the attached "rootme.sh" script is intended to be run from a Linux machine - if I get the time (or enough donations), or if someone else cares to, it can be ported over to a Windows batch file easily enough.
Updated the attached zip to include a Windows batch file.
Steps:
Download the attached zip file
Extract to a machine capable of connecting to your Pilot over ADB
Modify "rootme.sh" (*nix) or "rootme.bat" (Windows) to use the correct IP
- Change the "172.16.1.217" lines to reflect the correct IP for your Pilot
Execute "rootme.sh" (*nix) or "rootme.bat"
- ./rootme.sh should do it for *nix
- for Windows, open a command prompt, navigate to "rootme.bat" location and type "rootme.bat"
- Watch output for completion
Perform factory reset operation
- Note - should the exploit function correctly, this step should NOT perform any factory reset operations. However, you should fully expect everything to be reset if the exploit failed or some other problem occurred when attempting to use a nefarious factory_reset.sh script.
After the Pilot reboots, you should be able to get a shell over ADB as normal, except now issuing an "su" command will drop you to root!
Update - thanks to purespin figuring out the signature mechanisms, we can now install apps! I've attached OneClick.zip, which contains a series of scripts to automate the rooting & app installation process.
That said, be careful, use these at your own risk, etc.
Extract zip file to some folder then open up a command prompt in that folder. Also drop the APKs you wish to install to that folder.
Type OnceClickInstall.bat [YourHeadUnitIP] [APKToInstall.apk]
The script will root your device if it's not already, then go ahead and perform steps necessary to install the APK (one reboot required if already rooted).
This basically performs the steps described in purespin's post to get a signature of the APK, download and modify the whitelist XML file, upload it back, reboot, then install the APK.
There's one prompt in the script that asks you to look things over - pay attention here: if any issues crop up at this point damage can be avoided; continuing in a bad state will have undefined results.
Updated the scripts to back up the white list on each run to /data/local/tmp/whitelist-(timestamp).xml.
Updated to handle APKs with more than one signature.
Edit: As suggested by wpg_moe, a GitHub project has been set up here:
https://github.com/jersacct/2016PilotOneClick.git
Changes & suggestions are encouraged and welcomed, but this is a part time hobby project for me, so expect movement to be "lumpy", as I'm mostly only able to work on this during the weekends.
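The guide above gets root by replacing /system/etc/factory_reset.sh, a script the head unit runs as root, and notes that dirtycow does not change what is on disk: only what readers of the file see afterwards. From the owner's or a reviewer's side, the corresponding check is a file-integrity baseline taken over normal reads of the live system, because that is the view a tampered file shows (an offline image of the partition would still hash clean). The following is an added example, not part of the thread or of jersacct's scripts: a Python baseline-and-verify routine run over a constructed stand-in for the /system/etc tree. The directory layout, file contents and the "appended line" used to simulate tampering are constructed for the demo; on a real unit one would run the same functions over the device's filesystem (for example via adb) and keep the baseline somewhere the device cannot alter.

```python
import hashlib
import os
import tempfile


def sha256_of(path: str) -> str:
    """Hash a file through ordinary reads, i.e. the contents the system's own readers see."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def make_baseline(root: str) -> dict[str, str]:
    """Map every regular file under root (as a '/'-separated relative path) to its SHA-256."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            baseline[rel] = sha256_of(full)
    return baseline


def verify_baseline(root: str, baseline: dict[str, str]) -> list[tuple[str, str]]:
    """Return (status, relpath) for every baselined file that is now CHANGED or MISSING."""
    findings = []
    for rel, expected in sorted(baseline.items()):
        full = os.path.join(root, *rel.split("/"))
        if not os.path.isfile(full):
            findings.append(("MISSING", rel))
        elif sha256_of(full) != expected:
            findings.append(("CHANGED", rel))
    return findings


def demo() -> list[tuple[str, str]]:
    """Constructed stand-in for a head unit's /system/etc: baseline it, alter the
    factory-reset script, and verify. Returns the findings from the second verify."""
    with tempfile.TemporaryDirectory() as root:
        etc = os.path.join(root, "system", "etc")
        os.makedirs(etc)
        script = os.path.join(etc, "factory_reset.sh")
        with open(script, "w") as fh:
            fh.write("#!/system/bin/sh\n# constructed stand-in for the vendor script\n")
        with open(os.path.join(etc, "hosts"), "w") as fh:
            fh.write("127.0.0.1 localhost\n")
        baseline = make_baseline(root)
        clean = verify_baseline(root, baseline)  # [] on an untouched tree
        with open(script, "a") as fh:
            fh.write("# appended line standing in for an overwrite\n")
        return clean + verify_baseline(root, baseline)


if __name__ == "__main__":
    for status, rel in demo():
        print(status, rel)
```

Because the baseline is a plain dict of path to hash, it can be serialised and compared across firmware versions or across units of the same model; a file that differs only on one unit is the one worth reading.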
Would this work on a 2016 Civic Android head unit? Should be the same concept for it?
This is GREAT news!!! We will start to test it on a 2016 Civic Touring. It reminds me of hacking a Linksys firmware via tftp.
sheryip said:
Would this work on a 2016 Civic Android head unit? Should be the same concept for it?
I don't have a Civic to test with, but I would imagine Honda uses the same factory reset mechanism on both models.
The included scripts are pretty straightforward - if you care to crack them open you'll see the operations they perform pretty plainly. I think the absolute worst you could suffer if you attempt this is that you factory reset your head unit. Remember your favorite radio stations if you decide to give it a shot.
Yes, I am able to root the 2016 Pilot using the method provided by jersacct. It is super easy and straightforward!
Now the question is what is next. I have been working as a programmer for the last 20 years, but I don't have much knowledge of Android hacking. What's the starting point?
I'd say step 2 is to get the system info from a Ridgeline or a '17 pilot when they come out so we can try to put Android Auto or Car Play on the 16 models. Navigation would be nice but with AA/CP, you wouldn't need it.
Yep, this is just a first step. We still have to work around the white list service Honda put in place that's preventing installation of other APKs. I have not been successful in replacing the ApplistUpdate.apk with a modified version or replacing /data/system/whitelist.xml with a modified version. In either case the service is still preventing installation of new APKs.
I have a couple of workaround theories I'm working on - tracking down and modifying the service's source to always allow APK installation (effectively disabling the white list check), using the service's own interface to add APKs to the white list (much like S_Mike has done for the EU versions), stripping out or disabling the service entirely.
I think it would be much easier to get APKs installed than porting Android Auto or CarPlay over. I would be much happier if we can achieve what they have done on EU versions.
jersacct said:
Yep, this is just a first step. We still have to work around the white list service Honda put in place that's preventing installation of other APKs. I have not been successful in replacing the ApplistUpdate.apk with a modified version or replacing /data/system/whitelist.xml with a modified version. In either case the service is still preventing installation of new APKs.
Any summary on how S_Mike did that (using the service's own interface to add APKs to the white list)? If not, I might spend some time to loop through the 139-page thread after work
jersacct said:
I have a couple of workaround theories I'm working on - tracking down and modifying the service's source to always allow APK installation (effectively disabling the white list check), using the service's own interface to add APKs to the white list (much like S_Mike has done for the EU versions), stripping out or disabling the service entirely.
I have a Pilot 2016. But I don't have a Linux machine. So how can I use this? Even if I use this, if I will not have access to install APKs then what is the use? I am a bit confused. I am also a developer and have been rooting my phones to install custom ROMs, but that was all with the guides that I found on the internet. Didn't try anything fancy.
ammarbukhari said:
I have a Pilot 2016. But I don't have a Linux machine. So how can I use this?
I've updated the attachment to include a Windows batch file, and updated the instructions.
Rooting the device with this method doesn't mean you can unlock all the Android goodies we're hoping for. It will, however, help a person so inclined to defeat the Honda installation restrictions.
There is no zip file
jersacct said:
I've updated the attachment to include a Windows batch file, and updated the instructions.
Rooting the device with this method doesn't mean you can unlock all the Android goodies we're hoping for. It will, however, help a person so inclined to defeat the Honda installation restrictions.
Thanks, have you had any luck installing an apk? That's what I'm looking to do on my Ridgeline.
Sent from my Nexus 6P using Tapatalk
ammarbukhari said:
There is no zip file
Sorry, corrected.
enyce9 said:
Thanks, have you had any luck installing an apk? That's what I'm looking to do on my Ridgeline.
Not yet, still working on this.
The system doesn't just check the white list. It checks the certs as well. If it isn't signed by the developer for Honda, the package installer won't install the APK.
Guys, you probably have to change the signature of the APK in the list from that code to "PREINSTALL", without the "". I have a 2015 Honda HR-V and that's the way we can install apps on our head unit. Some people had problem to install apps after updating Honda applications, because it changed "PREINSTALL" to the app signature. After a factory reset, they got the PREINSTALL again for "HondaAppCenter_A1.apk". So, try removing the signature code to PREINSTALL for some APK and use that APK name to install the app.
maecar said:
Guys, you probably have to change the signature of the APK in the list from that code to "PREINSTALL", without the "". I have a 2015 Honda HR-V and that's the way we can install apps on our head unit. Some people had problem to install apps after updating Honda applications, because it changed "PREINSTALL" to the app signature. After a factory reset, they got the PREINSTALL again for "HondaAppCenter_A1.apk". So, try removing the signature code to PREINSTALL for some APK and use that APK name to install the app.
I think the protection mechanisms in this version are entirely different. There are no "process_controls.list" or "allowed_installations.list" files present in the entire filesystem, nor does a grep across the entire filesystem return any results for "HondaAppCenter". These tell me that the protection mechanisms are not the same as previous or EU versions.
I've attached what I believe to be a component of the replacement mechanisms, an XML file describing full app names, sometimes signatures, and fields describing permissions. Any edits to this file don't seem to be regarded, so I'm still digging in to the core services that make up the white list mechanism.
Did you update whitelist.xml file directly or update the whitelist.xml file in ApplistUpdate.apk?
What a coincidence this is, as I heard about the Dirty Cow exploit just the other day and spent time trying to root my 64 bit Samsung smartphone to no avail. I did hear that it works on 32 bit android platforms and how about this for a case in point.
Jersacct, thanks for making this available to the community! I can understand that the first hurdle is getting the system to stop blocking / removing non-whitelisted apps and it sounds like you are just getting to this point now. Keep up the good work and please let us know if there are any minor details that you need worked out that can be delegated to the community, i.e. testing, troubleshooting or research.
Looking forward to having more capabilities with my 2016 Honda Pilot!
purespin said:
Did you update whitelist.xml file directly or update the whitelist.xml file in ApplistUpdate.apk?
I've attempted both approaches, with no luck. It may be that my ApplistUpdate.apk replacement was flawed somehow, so I'm not sure there. Because you modify the zipped whitelist.xml in the APK, you also have to resign the APK before installation; Android won't reinstall an app with different signatures without uninstalling the original, and because it's a system app it won't let you uninstall.....blah blah I deleted the original (after backing up) and replaced it with the modified version, still no positive result. I attempted to add eu.chainfire.supersu (picked at random, could be anything) to the list of allowed apps in these cases but still couldn't get it installed.
I think my next approach will be to edit the system services (in /system/framework/services.(.jar,.odex)) and see if I can disable all whitelist checks.
Now that root is available, it's only a matter of time before someone gets around Honda's restrictions.

"Noob" security question

Hi all,
According to you, is rooting your device or unlocking its bootloader a way of making it less secure, more vulnerable to attacks?
Is it a false idea or a real subject?
iwanttoknow said:
Hi all,
According to you, is rooting your device or unlocking its bootloader a way of making it less secure, more vulnerable to attacks?
Is it a false idea or a real subject?
Yes, it definitely is less secure.
IronRoo said:
Yes, it definitely is less secure.
Thanks for your reply.
Could you please give us more details?
Do you mean that it can be hacked?
Which of the device's components are less secure when it's rooted?
iwanttoknow said:
Thanks for your reply.
Could you please give us more details?
Do you mean that it can be hacked?
Which of the device's components are less secure when it's rooted?
Yes, basically everything is less secure. Eg
quote "By gaining root access, you get total control over the entire system. With the right skills and tools, you can read and modify almost any parameter on your device. This is the reason why some apps, such as SuperSU, require root access in order to work properly. However, this type of access is a double edged sword as with root access nothing is there to prevent malicious applications from wreaking havoc on your system: system files can be corrupted or deleted, personal information can be skimmed, and you could even soft brick your device."
https://www.androidpit.com/5-reasons-not-to-root-your-device
And possibly even just having the su binary installed is an issue, though it's not clear to me whether this has been confirmed (it seems precautionary to me), or whether it's just a LineageOS issue or more devices are vulnerable; however, this week's update to LineageOS is trying to address this. Anyhow, the fix seems to have some extra benefits.
https://lineageos.org/Changelog-9/
Also, just to be clear, you are still able to be hacked even if you are not rooted, but it's a whole lot more difficult.
iwanttoknow said:
Thanks for your reply.
Could you please give us more details?
Do you mean that it can be hacked?
Which of the device's components are less secure when it's rooted?
Also just to be a tad bit more correct in nature,
Rooting or unlocking your bootloader do NOT necessarily mean your device is any less secure than it is when you first turn it on after purchase.
Many people tend to misunderstand what rooting a phone is intended for, and most of the popular "One-Click" methods are simple apps you download, install and run on your phone to acquire root access through a process called "Privilege Escalation", which gains permission as root by simply climbing a chain that eventually lets it give you access to all your phone's internals.
Thus in theory, any given app could be injected with that same code & then used to MALICIOUSLY root your device (without your knowledge or control) which would obviously be a MAJOR security flaw *Cough Cough* on Google's end *Cough Cough* but since it is generally only used by geeks who want to use a phone properly they don't look too much deeper past that. However rooting your device by yourself, unlocking your bootloader by yourself, controlling root permissions via SuperSU or like application ensures if anything TRIES to gain root access YOU being the owner of YOUR device can deny the possible threat instead of never being aware of it........
Thanks for your reply.
What is *Cough Cough* ?
BTW I understand that a malicious application can take control of my device without my knowing it, if it's not rooted, by using the same code as applications rooting your device.
Have I understood correctly what you wrote?
But how can I have the assurance that I will always be warned by an application like SuperSU or others?
I have necessarily to TRUST this type of application which could be also a malicious application...
It's a veritable vicious circle.
?
The question you should be asking yourself is this. Why do I want to root my device?
Though, any device may have vulnerabilities which can be exploited to gain root like mentioned. If you want to keep your device secure, do not install or use anything from an unknown source.
samehb said:
The question you should be asking yourself is this. Why do I want to root my device?
My main reason to root my device (if I did) would be to have finer control over it.
But it seems to be a difficult goal... like security in general.
?
iwanttoknow said:
My main reason to root my device (if I did) would be to have finer control over it.
But it seems to be a difficult goal... like security in general.
?
SuperSU will automatically deny anything asking it to provide root access by default . When you have an app for rooted phones installed and you run it for the first time you will get a pop-up from the SuperSU app to say "Yes, go ahead" or "No!" to anything before it even runs. So for me I always try to get devices with a way to root available because its the only way I know if stuff is trying to gain root access without my permission & watch it's actions.
@LilAnt530
Thanks for your reply.
My previous device was rooted and I used SuperSU.
But as I wrote before, "how can I have the assurance that I will always be warned by an application like SuperSU or others?
I have necessarily to TRUST this type of application which could be also a malicious application..."
iwanttoknow said:
@LilAnt530
Thanks for your reply.
My previous device was rooted and I used SuperSU.
But as I wrote before, "how can I have the assurance that I will always be warned by an application like SuperSU or others?
I have necessarily to TRUST this type of application which could be also a malicious application..."
Oh okay dude, apologies. The open source alternative to SuperSU is Phh's SuperUser & you can find it in the Magisk related forum. SuperUser is only questioned as "malicious" because ChainFire keeps the source closed from what I understand, so I believe it was Phusssion who came to light about showing us systemless root methods with his open source root management app. You may need to root your phone with an unsafe method, & install Magisk Manager & deploy a Magisk install to get the open source variant to work though, not 100% sure.
It seems that it will be more and more difficult to root a mobile with new Android's versions.
iwanttoknow said:
It seems that it will be more and more difficult to root a mobile with new Android's versions.
I agree! And it also feels like its becoming a very heavy marketing plot aspect instead of another thing that made Android great. Like are we just supposed to pay ridiculously for the Pixel to obtain root? & for the record, that "Essential" phone, is still sorta essentially too expensive......
iwanttoknow said:
@LilAnt530
Thanks for your reply.
My previous device was rooted and I used SuperSU.
But as I wrote before, "how can I have the assurance that I will always be warned by an application like SuperSU or others?
I have necessarily to TRUST this type of application which could be also a malicious application..."
Phh superuser with Magisk is a 100% open source method for managing root access on your device
Also discussed there: https://forum.xda-developers.com/showthread.php?t=2687933
Primokorn said:
Also discussed there: https://forum.xda-developers.com/showthread.php?t=2687933
Thanks, I was trying to find one of those lol. As I've seen this question asked hundreds of times within recent months across forums.
iwanttoknow said:
Hi all,
According to you, is rooting your device or unlocking its bootloader a way of making it less secure, more vulnerable to attacks?
Is it a false idea or a real subject?
Rooting is a way to access the root user on Android. It is the exact same as logging in as the root user in UNIX based operating systems. The Windows equivalent of the 'root' user is an administrator account. The only difference is, within other UNIX based operating systems, the root user account is easily accessible. In Android, it is blocked, so you need to do some process to gain access to the root user account. This process is known as "rooting".
Now, with administrative privileges, you gain the ability to modify the system, which is very useful, if kept in the right hands. But GOD FORBID, you get some nasty malware, such as a trojan or virus on your rooted device, that piece of malware now has access to administrative privileges, and can virtually do ANYTHING it wants to your system.
If you get some malware while the device does not have root access, the scenario is a lot less serious, as the malware cannot access system files, UNLESS there is an exploit designed SPECIFICALLY for that device or software version.
Now, unlocking the bootloader in theory is a security flaw.... but then again, freedom is always inversely proportional to security... you have to sacrifice a bit of one to acquire the other. Theoretically, if all the custom operating systems you install are from trusted sources, and there are no embedded backdoors or spyware, or rootkits, or trojans, it is perfectly alright; software vulnerabilities, it is alright. But you simply cannot trust what these developers of custom ROMs actually embed into their ROMs, without actually examining the code itself.
I would recommend if you root and unlock the bootloader, install a custom recovery software such as TWRP. That way, in case your device gets compromised by hackers/malware, you can completely reformat the drive, and flash the stock firmware, thereby removing the malware.
Hope this helps.
---------- Post added at 09:31 AM ---------- Previous post was at 09:28 AM ----------
iwanttoknow said:
It seems that it will be more and more difficult to root a mobile with new Android's versions.
Yes, but the difficulty isn't because of the operating system necessarily. It is mostly because the phone manufacturers lock the bootloader, which makes the process of getting root very difficult. In addition to that, certain exploits that we use to gain root access are also being patched in the newer Android versions.
BIG_BADASS said:
Rooting is a way to access the root user on Android. It is the exact same as logging in as the root user in UNIX based operating systems. The Windows equivalent of the 'root' user is an administrator account. The only difference is, within other UNIX based operating systems, the root user account is easily accessible. In Android, it is blocked, so you need to do some process to gain access to the root user account. This process is known as "rooting".
Now, with administrative privileges, you gain the ability to modify the system, which is very useful, if kept in the right hands. But GOD FORBID, you get some nasty malware, such as a trojan or virus on your rooted device, that piece of malware now has access to administrative privileges, and can virtually do ANYTHING it wants to your system.
If you get some malware while the device does not have root access, the scenario is a lot less serious, as the malware cannot access system files, UNLESS there is an exploit designed SPECIFICALLY for that device or software version.
Now, unlocking bootloader in theory is a security flaw.... but then again, freedom is always inversely proportional to security... you have to sacrifice a bit of one to acquire the other. Theoretically, if all the custom operating systems you install are from trusted sources, and there is no embedded backdoors or spyware, or rootkits, or trojans, it is perfectly alright, software vulnerabilities, it is alright. But you simply cannot trust what these developers of custom roms actually embed into their roms, without actually examining the code itself.
I would recommend if you root and unlock the bootloader, install a custom recovery software such as TWRP. That way, in case your device gets compromised by hackers/malware, you can completely reformat the drive, and flash the stock firmware, thereby removing the malware.
Hope this helps.
Hope this helps.
---------- Post added at 09:31 AM ---------- Previous post was at 09:28 AM ----------
Yes, but the difficulty isn't because of the operating system necessarily. It is mostly because the phone manufacturers lock the bootloader, which makes the process of getting root very difficult. In addition to that, certain exploits that we use to gain root access are also being patched in the newer Android versions.
Click to expand...
Click to collapse
Thanks a lot for your detailed answer.
If you need security, just root and install SuperSU or Magisk.
If you have the Xposed framework, then try a nice firewall like XPrivacy.
As far as I can tell both SuperSU and Magisk are trusted and reliable; people wouldn't be using them if they were untrustworthy. And I agree with Big's comments: freedom and the ability to manipulate what you want in the device come with a significant security issue. You are going to have to be careful about this either way.

Is dc-unlocker's HCU safe to install?

Hello,
I possess a GR5 BLL-L22 which is bootloader-locked, and I need an unlock code since Huawei doesn't provide them anymore.
I am willing to pay the credits needed to perform the unlock. I went to the DC-unlocker site and downloaded HCU on my Windows 10 computer, but there are signs that scream malware:
* the download is a password-protected zip
* the app refuses to run inside a virtual machine
* last but not least, my AV, Sophos, detects it as adware and puts it into quarantine
Any thoughts ?
Also, do I really need to install something on my computer to get an unlock code ? I believe I only need to pass the IMEI or some identifier to get the unlock code.
biaib said:
Hello,
I possess a GR5 BLL-L22 which is bootloader-locked, and I need an unlock code since Huawei doesn't provide them anymore.
I am willing to pay the credits needed to perform the unlock. I went to the DC-unlocker site and downloaded HCU, but there are signs that scream malware:
* the download is a password-protected zip
* the app refuses to run inside a virtual machine
* last but not least, my AV, Sophos, detects it as adware and puts it into quarantine
Any thoughts?
Also, do I really need to install something on my computer to get an unlock code? I believe I only need to pass the IMEI or some identifier to get the unlock code.
For the most part, you need to go in, get your code and then delete it. It's safe on my phone. However, you can always try Ministry of Solutions. But they may cost more. Rest assured, did you download from the official site? If so, then it's safe. Just get your code and delete it.
Mannan Qamar said:
For the most part, you need to go in, get your code and then delete it. It's safe on my phone. However, you can always try Ministry of Solutions. But they may cost more. Rest assured, did you download from the official site? If so, then it's safe. Just get your code and delete it.
Hello, thanks for the answer. What do you mean, on your phone? Is there an Android version of the unlocker? Because what I have is a zip archive with a Windows installer in it.
If I uninstall it from Windows, that does not guarantee at all that it will remove any associated malware.
biaib said:
Hello, thanks for the answer. What do you mean, on your phone? Is there an Android version of the unlocker? Because what I have is a zip archive with a Windows installer in it.
If I uninstall it from Windows, that does not guarantee at all that it will remove any associated malware.
Sorry. Typo. I meant on my PC. There is no Android version. You can always use an antivirus to check. Alternatively, if you downloaded it from the official site you have nothing to worry about.
It's perfectly all right. I have used all their S/W on many occasions, and I agree HCU flags as malware on my Win10 PC also.
I have to suspend Defender to run it.
I told them about this and they more or less said that I must be mistaken, as no one else had complained.
I then sent them a screenshot and all they said was that it is a false positive, as their S/W is 100% virus free.
Sparkrite said:
It's perfectly all right. I have used all their S/W on many occasions, and I agree HCU flags as malware on my Win10 PC also.
I have to suspend Defender to run it.
I told them about this and they more or less said that I must be mistaken, as no one else had complained.
I then sent them a screenshot and all they said was that it is a false positive, as their S/W is 100% virus free.
Ok, thanks. In the end I used their dc-unlocker program which is not flagged.
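Added example (not from any poster in this thread, and not DC-unlocker's software): the checks a practitioner runs on a flagged download before accepting the vendor's "false positive" answer. It inspects an archive without extracting it, reports members whose ZIP encryption flag is set (a scanner cannot look inside those until the password is supplied, which is why a password-protected download sails past AV), identifies executables by their magic bytes rather than their extension, and hashes each readable member so the hash can be looked up on a multi-engine scanner. The archive below is constructed in the script; HCU's real contents are not included.

```python
"""Inventory a downloaded tool archive before trusting a vendor's "false positive" claim."""
import hashlib
import io
import struct
import zipfile

PE_MAGIC = b"MZ"          # Windows executable / DLL
ELF_MAGIC = b"\x7fELF"    # Linux / Android native binary
ENCRYPTED_FLAG = 0x1      # bit 0 of the general-purpose flag in both ZIP headers


def inspect_archive(data):
    """One record per archive member; nothing is written to disk."""
    report = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            record = {"name": info.filename, "size": info.file_size,
                      "encrypted": bool(info.flag_bits & ENCRYPTED_FLAG),
                      "kind": "unknown", "sha256": None}
            if not record["encrypted"]:
                content = zf.read(info)
                record["sha256"] = hashlib.sha256(content).hexdigest()
                if content.startswith(PE_MAGIC):
                    record["kind"] = "pe"
                elif content.startswith(ELF_MAGIC):
                    record["kind"] = "elf"
                else:
                    record["kind"] = "data"
            report.append(record)
    return report


def red_flags(report):
    """Findings worth raising: unscannable members and executables hiding behind data extensions."""
    flags = []
    for r in report:
        if r["encrypted"]:
            flags.append(f"{r['name']}: encrypted, AV cannot scan it before extraction")
        ext = r["name"].lower().rsplit(".", 1)[-1] if "." in r["name"] else ""
        if r["kind"] == "pe" and ext not in ("exe", "dll", "sys", "scr"):
            flags.append(f"{r['name']}: PE executable disguised with .{ext or '<none>'} extension")
    return flags


def mark_encrypted(zip_bytes, name):
    """Set the encryption flag on one member in both the local and central headers.
    Only used to build the constructed sample (zipfile cannot write encrypted entries)."""
    buf = bytearray(zip_bytes)
    # (signature, flag offset, filename-length offset, fixed header length)
    for sig, flag_off, fnlen_off, hdr_len in ((b"PK\x03\x04", 6, 26, 30), (b"PK\x01\x02", 8, 28, 46)):
        pos = 0
        while (pos := buf.find(sig, pos)) != -1:
            fnlen = struct.unpack_from("<H", buf, pos + fnlen_off)[0]
            if bytes(buf[pos + hdr_len:pos + hdr_len + fnlen]) == name.encode():
                flags = struct.unpack_from("<H", buf, pos + flag_off)[0] | ENCRYPTED_FLAG
                struct.pack_into("<H", buf, pos + flag_off, flags)
            pos += len(sig)
    return bytes(buf)


def build_sample():
    """Constructed stand-in for a vendor download: installer, readme, a PE behind .dat, an encrypted member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("setup.exe", PE_MAGIC + b"\x90" * 64)
        zf.writestr("readme.txt", b"Run setup.exe to install")
        zf.writestr("codes.dat", PE_MAGIC + b"\x00" * 64)
        zf.writestr("payload.bin", b"opaque")
    return mark_encrypted(buf.getvalue(), "payload.bin")


if __name__ == "__main__":
    rep = inspect_archive(build_sample())
    for r in rep:
        print(f"{r['name']:12s} {r['kind']:8s} enc={r['encrypted']!s:5s} sha256={r['sha256']}")
    for f in red_flags(rep):
        print("FLAG:", f)
```

On a real download, call `inspect_archive(open(path, "rb").read())`. An encrypted member is not proof of malice (vendors use it precisely so the download is not quarantined), but it does mean your scanner never examined the contents, so a "100% virus free" reply from the vendor is unverified until you extract the files and check the hashes yourself.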

New method to customize software without root or unlocking the bootloader

I have started developing an Android app project which can give the user the privilege to edit the system without root and without unlocking the bootloader.
Here is info about how my program does it.
1. Capture network traffic and get the server IP and port of the application which updates the system (SYSTEMUPDATE.APK).
2. Start port forwarding to my server and capture the request from the application; my server will act as a VPN, so the request can be sent from my server to the original server and back.
Softwareupdate.apk will ask for updates; after it has begun downloading the update, my server will save the network traffic, and my server has a program which can detect specific files (Update.zip).
3. Now my program will send the custom update, which the user has made themselves and selected in the app, over my server.
4. Now systemupdate.apk will get the modified version of its update and the target device will install it.
Note: My program doesn't unpack the files, but it has a patch function for AVB security and its zip verification.
I will upload the project to GitHub soon, as open source.
Note: Keep a copy of your software, because you will need a copy of your vbmeta.img's files...
add list of supported (confirmed working) devices you tested successfully
aIecxs said:
add list of supported (confirmed working) devices you tested successfully
All devices would essentially work with this if the signature is correct and the fake host is identical to your manufacturer's. Sad to say, if you root you would still have detection. Maybe this will be a way to escape Widevine degradation.
Hey Joe! I loaded your image and your account is active with your Lovoo! Now I have serious problems with my girl because she thought I wrote that! Best regards! Pete
Oh my gosh! I just noticed! I will clean up this image immediately! And thanks for that info, bro! And I'm really sorry about your girl!
toolhas4degrees said:
All devices would essentially work with this if the signature is correct and the fake host is identical to your manufacturer's.
Just name a single one. What device was used for testing? Which manufacturer's signature have you spoofed successfully?
aIecxs said:
Just name a single one. What device was used for testing? Which manufacturer's signature have you spoofed successfully?
People have spoofed the server using MSM tools in the past. This is pretty much the same thing. Browse XDA.
So you are asking us to send our traffic to your server on good trust, but you don't have any proof and don't answer the question, lol.
aIecxs said:
So you are asking us to send our traffic to your server on good trust, but you don't have any proof and don't answer the question, lol.
My server? Are you crazy? You make your own virtual server on your computer. Man, you are smart. Do you just like to argue about things you don't know anything about and are obviously too lazy to search?
And in case you are mistaken: I'm not the OP of this thread.
JonasHS said:
I have started developing an Android app project which can give the user the privilege to edit the system without root and without unlocking the bootloader.
Here is info about how my program does it.
1. Capture network traffic and get the server IP and port of the application which updates the system (SYSTEMUPDATE.APK).
2. Start port forwarding to my server and capture the request from the application; my server will act as a VPN, so the request can be sent from my server to the original server and back.
Softwareupdate.apk will ask for updates; after it has begun downloading the update, my server will save the network traffic, and my server has a program which can detect specific files (Update.zip).
3. Now my program will send the custom update, which the user has made themselves and selected in the app, over my server.
4. Now systemupdate.apk will get the modified version of its update and the target device will install it.
Note: My program doesn't unpack the files, but it has a patch function for AVB security and its zip verification.
I will upload the project to GitHub soon, as open source.
I count "my server" six times. There is no GitHub link. It's common sense that one can't modify the system on a locked bootloader. It's not my job to prove you wrong; it's your job to prove this genius hack!
toolhas4degrees said:
And if you are mistaken I'm not the op of this thread.
LOL, completely missed that! Sorry for arguing with you. But wth did you reply for him? xD
aIecxs said:
LOL, completely missed that! Sorry for arguing with you. But wth did you reply for him? xD
I didn't; you quoted me, because I told you it technically would work.
Technically... except that no OEM would leak their private key.
Wait... just read that today. This is a game changer:
Android OEM key leak means sideloaded "updates" could be hiding serious malware
Samsung, LG, and MediaTek are among the companies affected.
www.xda-developers.com
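Added example, not JonasHS's project and not any OEM's code, illustrating aIecxs's point and the linked article's: an update package is installed only if its signature verifies against a certificate the device already carries (Android keeps the OEM's update-signing certificates in /system/etc/security/otacerts.zip), so a proxy that rewrites bytes in transit cannot get them installed, while a leaked OEM signing key can. Textbook RSA over a SHA-256 digest with fixed-seed 512-bit demo keys stands in for the real PKCS#1 signature and certificate chain; the package bytes and the "proxy" are constructed here.

```python
"""Why relaying an OTA through a proxy cannot get a modified update installed."""
import hashlib
import random

_rng = random.Random(2024)  # fixed seed: reproducible demo keys, never for real use
PUBLIC_EXPONENT = 65537


def _is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test; adequate for a demo key."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits):
    while True:
        cand = _rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # exact bit length, odd
        if _is_probable_prime(cand):
            return cand


def generate_keypair(bits=512):
    """Return ((n, e), (n, d)); only (n, e) is ever shipped on the device."""
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % PUBLIC_EXPONENT:
            break
    n = p * q
    return (n, PUBLIC_EXPONENT), (n, pow(PUBLIC_EXPONENT, -1, phi))


def _digest(package):
    # A 256-bit digest is always below the 512-bit modulus, so the demo needs no padding.
    return int.from_bytes(hashlib.sha256(package).digest(), "big")


def sign_update(package, private_key):
    """OEM build server: signature = H(package)^d mod n."""
    n, d = private_key
    return pow(_digest(package), d, n)


def device_accepts(package, signature, public_key):
    """What the phone does before installing: signature^e mod n must equal H(package)."""
    n, e = public_key
    return pow(signature, e, n) == _digest(package)


def relay_and_patch(package, signature, patch):
    """The proposed proxy: it can rewrite the bytes but can only forward the OEM's signature."""
    return patch(package), signature


# Constructed sample: an OEM key pair and a stand-in update package
OEM_PUBLIC, OEM_PRIVATE = generate_keypair()
GENUINE_UPDATE = b"update.zip: system.img build 42, vbmeta.img (AVB) signed by OEM"
GENUINE_SIGNATURE = sign_update(GENUINE_UPDATE, OEM_PRIVATE)


def scenario():
    """The device's verdict in four cases, keyed by who signed what."""
    swap_build = lambda pkg: pkg.replace(b"build 42", b"custom build")
    patched, forwarded_sig = relay_and_patch(GENUINE_UPDATE, GENUINE_SIGNATURE, swap_build)
    _, attacker_private = generate_keypair()  # the relay operator's own key
    return {
        "genuine_update": device_accepts(GENUINE_UPDATE, GENUINE_SIGNATURE, OEM_PUBLIC),
        "patched_in_transit": device_accepts(patched, forwarded_sig, OEM_PUBLIC),
        "patched_resigned_with_own_key": device_accepts(patched, sign_update(patched, attacker_private), OEM_PUBLIC),
        "patched_resigned_with_leaked_oem_key": device_accepts(patched, sign_update(patched, OEM_PRIVATE), OEM_PUBLIC),
    }


if __name__ == "__main__":
    for case, accepted in scenario().items():
        print(f"{case:40s} -> {'INSTALLED' if accepted else 'REJECTED'}")
```

The same argument covers the "patch function for AVB" claim: vbmeta.img is itself signed, and the key that checks it lives in the bootloader, so anything the proxy edits fails in the same way as the package above. Only the last case passes, and that is the case the linked article is about.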
