Open dazzleworth opened 4 months ago
ng-dst
commented
4 months ago Most recoveries (including TWRP) allow flashing unsigned zips, so you can ignore this warning.
P.S. came across your thread on xda. AFAIK, you can safely install Magisk again and it shouldn't wipe your data or cause bootloop. Not sure about Samsung, though. You may give it a try, just make sure you backup partitions with TWRP before flashing.
dazzleworth
commented
4 months ago Thanks for your quick reply. Is there any reason we need to flash it using TWRP? Can we not just run
adb sideload zip_reverse_shell_v2.zip
while phone is booted up and data closer to decrypted state? In which case probably need it to be signed if adb doesn't allow unsigned zips and possibly require APK format. Ideally a real exploit would require minimal intervention to install and gain escalated privileges.
As per Xda thread. I can confirm magisk bootloops when flashed without wipe as per topjohnwu's instructions for samsung devices. And many threads on xda included it as a required step
ng-dst
commented
4 months ago This zip is not a runtime exploit - what the installer does is that it modifies boot partition in order to bypass SELinux and launch the payload on device startup, just like Magisk does.
If bootloops with Magisk are caused by modification of /boot, chances are installation of this rootkit will trigger bootloop as well. In this case, you can try to backup (adb pull) all available data without root, then install Magisk and perform a factory reset. Although some app data will be lost, this is still an option
Is it necessary to sign zip that's to be adb sideloaded with TWRP?