Fuzion24 / AndroidZipArbitrage

Exploit for Android Zip bugs: 8219321, 9695860, and 9950697

Bug 9695860 output invalid #9

Open hubert3 opened 10 years ago

hubert3 commented 10 years ago

$ java -jar ~/ZipArbitrage/bin/AndroidZipArbitrage.jar --9695860 orig.apk patched.apk
Using Bug 9695860 to circumvent Android signatures

All seems fine, but:

$ adb install patched.apk
Whoops: didn't find expected signature
read_central_directory_entry failed
file 'MasterKeysModded-orig.apk' is not a valid zip file
rm failed for /data/local/tmp/MasterKeysModded-orig.apk, No such file or directory

Fuzion24 commented 10 years ago

What Android device is this? It may have been patched. Does the example application of this bug install?

Fuzion24 commented 10 years ago

It is the case that this tool will generate zip files which are not valid with regard to the spec (or a particular implementation), but are used to exploit an edge case. So, it may be the case that normal Unix tools don't like the files produced.

hubert3 commented 10 years ago

It's a Samsung S4 running 4.2.2, which Cydia Impactor still works on, and which the Bluebox checker claims is still vulnerable to 9695860. Will try the example APK now.

hubert3 commented 10 years ago

bug9695860.apk installs fine on the phone. unzip -v bug9695860.apk also does not return any errors, whereas unzip -v on MasterKeysModded-orig.apk returns errors.

Fuzion24 commented 10 years ago

Hmm, this seems like maybe the command line params are getting messed up somewhere.

Fuzion24 commented 10 years ago

If you're just trying to gain system permissions, did you try just replacing the manifest?