this site tried to put this on my pc when i joined here
i also just got this alert when clicking to download an attachment added to a post here. Superoneclick.
could it be a false positive of some sort? The download hadn't begun so i doubt it was the actual attachment that was infected.
"The requested URL cannot be provided
The requested object at the URL:
http://forum.xda-developers.com/
attachment.php?attachmentid=437039&d=
1289271263
Threat detected:
object is infected by Exploit.Linux.Lotoor.g"
I am seeing it too
I am getting an alert from Kaspersky that the file rageagainstthecage file in the SuperOneClickv1.5.5-ShortFuse.zip is infected with Exploit.Linux.Lotoor.g
Kaspersky report:
detected: Trojan program Exploit.Linux.Lotoor.g file: C:\Documents and Settings\user\Desktop\SuperOneClickv1.5.5-ShortFuse\rageagainstthecage
I expect this is a false positive due to the nature of the application, but Id like someone brighter than me to confirm.
Thanks!
I'm going to have to agree with the false positive considering it says it's a linux exploit in the name. RaTC is an exploit to get root on android which is a form of linux. I've also used SuperOneClick so I know it's not malicious.
Well, maybe it is malicious if we take into consideration this:
...
Troj/DroidD-A
Aliases
* Exploit.Linux.Lotoor.k
* Exploit.Linux.Lotoor.g
* Trojan-Downloader.AndroidOS.Rooter.a
* Android.Rootcager
* Backdoor.AndroidOS.Rooter.a
* Trojan-Downloader.AndroidOS.Rooter.b
* Exploit.Linux.Lotoor.l
...
Troj/DroidD-A is a malware for Google Android phone. It purports to be legitimate application and had been on Google Market before it was taken down.
...
All the packages contains repackaged legitimate application with a trojan package in com.android.root package, which is specified to start its action prior to the normal application.
* It can access TelephonyManager and steal IMEI (International Mobile Equipment Identity) and IMSI (International Mobile Subscriber Identity) code, and various other data.
* It then add this information into an XML file
<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<Request>
<Protocol>1.0</Protocol>
<Command>0</Command>
<ClientInfo>
<Partner>%s</Partner>
<ProductId>%s</ProductId>
<IMEI>%s</IMEI>
<IMSI>%s</IMSI>
<Modle>%s</Modle>
</ClientInfo>
</Request>
* using a simple XOR byte encryption with a key predefined in the class adbRoot. The decrypted byte buffer contains the IP address and the URL of the server which is used to post data about the infected phone in an XML format using an HTTP POST request
The package contains runs a set of privilege escalation exploits. These exploits are detected by Sophos as PUA HackTool "Android Local Root Exploit".
After obtaining root privilege, it tries to install another DownloadProviderManager.apk (as package com\android\providers\downloadsmanager) which is the payload (also detected as Troj/DroidD-A)
This payloads will runs as a background service "DownloadManageService" and starts whenever the phone is boot up.
* It will try to access even more information and report back, including trying to enumerate packages installed on the phone and then report back to the same control center.
* It have function to install additional packages from remote download
...
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdroidda.html
That is so confusing lol. Tbh though, I doubt they'd be malicious or else they'd be taken down off of XDA. If they were, I'm sure they'd be taken down straight away as that would be MOST DEFINETLY against the rules. Wait to see what a mod or something says though.
Skellyyy said:
That is so confusing lol. Tbh though, I doubt they'd be malicious or else they'd be taken down off of XDA. If they were, I'm sure they'd be taken down straight away as that would be MOST DEFINETLY against the rules. Wait to see what a mod or something says though.
Click to expand...
Click to collapse
Has anyone got a live link to an example of this?
pulser_g2 said:
Has anyone got a live link to an example of this?
Click to expand...
Click to collapse
Seen this in a previous post, don't know if it'll help but here: http://forum.xda-developers.com/attachment.php?attachmentid=437039&d=
1289271263
Btw, I could swear you're stalking me. jk.
pulser_g2 said:
Has anyone got a live link to an example of this?
Click to expand...
Click to collapse
Here is another link (xda-dev as host): http://forum.xda-developers.com/attachment.php?attachmentid=591335&d=1304969547
Hope it can be solved.
Thx from Germany
Has anyone confirmed or denied that this in a trojan? Kaspersky detected this file on my computer (backup of my sdcard). That file was used when I rooted my phone, so I am concerned. By the way, the two links posted above do not work.
Gaining root privileges seems to be reasonable (especially if it's part of rooting your droid), however it's legitimacy depends on the reason.
In plain English, I'm trying to say that the question about lotoor should be answered per attachment (tool) and not on a global basis.
BTW: lotoor also detected (virustotal 14/42) for zr file which is part of MTKdroidTools. I'm not qualified enough to answer if this is legit
I got this when I downloaded the ace hack kit, but disregard it.
Of COURSE it's a malicious exploit!
If you have specifically rageagainstthecage or zergrush, congratulations, your virus software has successfully discovered your ROOTING software for what it is - a malicious linux-based exploit used to root android devices!
Remember when the phone manufacturers locked the door to root? Remember we decided to break in and root em anyway? These linux exploits are what break the lock - (Super) One Click Root, root.jar files, root.exe files, etc etc. All executables with these 'virus's' that root your phone. That isn't to say you guys don't have something that may well be dangerous to linux machines, but if you still have rooting software on your Windows PC, then this is most likely what it is, and it's a-okay.
Hope you guys are sighing with relief
The4thDoctor said:
Has anyone confirmed or denied that this in a trojan? Kaspersky detected this file on my computer (backup of my sdcard). That file was used when I rooted my phone, so I am concerned. By the way, the two links posted above do not work.
Click to expand...
Click to collapse
voshell said:
this site tried to put this on my pc when i joined here
Click to expand...
Click to collapse
Have you downloaded or installed "Exynos Abuse" to root Samsung/Exynos powered device ??
Because that's what I have, and I get it all the time on my antivirus Kaspersky
Exynos Abuse main development page http://forum.xda-developers.com/showthread.php?t=2050297
wait a minute .. but my kaspersky detected it in a file named "root me " on the computer , i did root my samung mini2 with it , yet it's STILL fully functional after ks quarantined it !!
Is it something else?
"Failed to install the app" error on my Coolpad Dazen 1 while installing any app.
I patched my core.jar and service.jar with Lucky Patcher then I replaced my original files with the patched ones using ES Explorer then I restarted my phone after restarting the phone I am unable to install any of the applications and I lost my root access too.. Thanks
Greetings,
6. Do not post or request warez.
If a piece of software requires you to pay to use it, then pay for it. We do not accept warez nor do we permit members to request, post, promote or describe ways in which warez, cracks, serial codes or other means of avoiding payment, can be obtained or used. This is a site of developers, i.e. the sort of people who create such software. When you cheat a software developer, you cheat us as a community.
Thread closed.
Hi,
Basically the question is the title.
Can you grant root permissions to lucky patcher using adb.
I'm pretty new to adb and my phone isn't really rootable (yet)
What commands do I need to execute to grant lucky patcher root permissions.
adb shell pm grant com.android.vending.billing.InAppBillingService.CRAC android.permission.WRITE_SECURE_SETTINGS
And
adb shell pm grant com.android.vending.billing.InAppBillingService.CRAC android.permission.DUMP
Please tell me if I'm correct or correct me.
Thanks
Forum Rules
6. Do not post or request warez.
If a piece of software requires you to pay to use it, then pay for it. We do not accept warez nor do we permit members to request, post, promote or describe ways in which warez, cracks, serial codes or other means of avoiding payment, can be obtained or used. This is a site of developers, i.e. the sort of people who create such software. When you cheat a software developer, you cheat us as a community.
Click to expand...
Click to collapse
So now you know, Lucky patcher and what are you trying to achieve by installing it is not allowed on XDA, please find "help" on another place.
thread closed
hello guys I need help... I tried to install an apk (MIUI alpha launcher) as system app on my Mi10 Ultra (last miui13 weekly - android 12) with LuckyPatcher and as expected it ended in a bootloop... I am an idiot I know but I did it... I can access all system and data files trought TWRP.. I already removed magisk, magisk modules, all LuckyPatcher traces I found and also flashed rom again and again but it still ends in a bootloop... I managed to save my files trough TWRP but before wiping everything I'd like to try to fix the phone because I still have bunch of important data and app installed (work stuff, 2FA suth ecc)... what could be the bootloop cause? is there anyone that knows what LuckyPatcher does when attempting to install an apk as system? I don't think it touched system partition because is locked in my phone when not in twrp/fastboot mode... my bet is that it creates a script somewhere that is causing the loop... heeellp please thanks
@Slok 00 Thread closed! We don't allow any diccusions about or support to problems that are caused by the use of warez.
XDA Forum Rules (excerpt):
6. Do not post or request warez.
If a piece of software requires you to pay to use it, then pay for it. We do not accept warez nor do we permit members to request, post, promote or describe ways in which warez, cracks, serial codes or other means of avoiding payment, can be obtained or used. This is a site of developers, i.e. the sort of people who create such software. When you cheat a software developer, you cheat us as a community.
Click to expand...
Click to collapse
Regards
Oswald Boelcke
Senior Moderator
Hello guys,
I really need your help here I don't know what to do. This is an android problem, specifically on Xiaomi Mi 10T Pro.
I installed busybox SB Patcher (which is a modified version of lucky patcher from sbenny. com). I tried to use it and it crashed, after that all the apps on my phone got their icons replaced by the default android logo and had their names replaced with their original app names (com. google. etc.). Any application I tried to use would not work. After a while of nothing working I rebooted the device and now it won't boot. It's stuck at the MIUI Logo. After a while I get to the MIUI Rescue System were my only option is to wipe my data. I want to avoid losing my data at all costs.
The devices was rooted. I am not new to this kind of stuff, I have rooted a lot of devices in the past and used lucky patcher before and this is a first, I have no clue what could have possibly gone wrong or why it happened. I am pretty sure it was not a virus. I scanned the files using 2 different antivirus software plus the built in security before and after installation (I always do that to be extra safe).
For root I followed this guide: Root XDA Guide
I know it has something with either busybox or SB Patcher, maybe something went wrong when it was trying to build the custom apk ? I really don't know. My devices has been rooted for about 1,5 years now so i am positive it is not the rom or the root.
I am at a loss here, I feel quite stupid to be honest. Is there anything to do to save my phone without wiping my data ?
Thank you all so much !
Edit:
I am thinking about plugging the phone in my computer to see if I have access to my files, if they are still there and see what is going on, but I am not sure if it is safe or if it's a good idea
Also I should mention I can boot into TWRP but I can't find any system files. System is mounted but I see that it reads internal storage as 0mb. I couldn't find why
Try to re-flash Stock ROM.
jwoegerbauer said:
Try to re-flash Stock ROM.
Click to expand...
Click to collapse
I will try that. I am guessing that means I will lose my root and twrp ? I don't really care as long as it fixes my phone but I'd just like to know.
Also I remember when I flashed the custom rom I had to wipe my data, won't I have to do that as well ?
And last question, should I flash the latest version ? I read somewhere that Xiaomi has anti-rollback protection. Could that be a problem ? For rooting in the future for example ?
Sorry for the bombardment of questions here, but my knowledge on the matter is deficient.
Thank you for your reply !
Can someone please help me ? It might be a noob question but I am really afraid to mess up
I connected my phone to my PC and I can't access it's files so I can't buck them up nor load the rom I need to flash, is there a setting on TWRP I have wrong or what do I have to do ? My phone doesn't show up at all on my computer
Leonniar said:
I installed busybox SB Patcher (which is a modified version of lucky patcher from sbenny. com).
Click to expand...
Click to collapse
@Leonniar Thread closed!
Lucky Patcher (or any of its derivates) is considered serious warez on XDA, and we do not provide a platform to discuss any issues by its use! Maybe it's worth to completely review the XDA Forum Rules? Below you find an excerpt:
6. Do not post or request warez.
If a piece of software requires you to pay to use it, then pay for it. We do not accept warez nor do we permit members to request, post, promote or describe ways in which warez, cracks, serial codes or other means of avoiding payment, can be obtained or used. This is a site of developers, i.e. the sort of people who create such software. When you cheat a software developer, you cheat us as a community.
Click to expand...
Click to collapse
Please refrain in future from posts like this one! We take warez very seriously!
Regards
Oswald Boelcke
Senior Moderator