Closed m4b4 closed 7 months ago
Thanks!
@0x36 It was later I realized SELinux is seemingly not fully disabled for me:
panther:/ # whoami
root
panther:/data/local/tmp # ls
ls: .: Permission denied
1|panther:/data/local/tmp # getenforce
Permissive
Out of the top of your head, can you think of additional security mitigations that might need to be bypassed? I'm currently investigating this but without any success. I verified the uid is set to 0 and also the enforcing flag in selinux_state is zeroed out.
I just confirmed that the offsets for the Pixel 7 Pro SPL Nov-23 match with the offsets on my Pixel 7 (panther:14/UP1A.231105.003/11010452).