Discover and read the best of Twitter Threads about #pwned

Most recents (1)

Profile picture
John Wu
@topjohnwu
Remember when I said using SELinux permissive is really bad? Here is a privilege escalation PoC where the only requirement is SELinux permissive. If you are still releasing custom ROMs/kernels with permissive, YOU ARE LITERALLY BACKDOORING YOUR USERS!
github.com/vvb2060/Magica
In this PoC, when you press install, it will gain (restricted yet still powerful) root access in a service and install Magisk to your boot image. This demo shows that any ARBITRARY app, including malware, can PERMANENTLY root your device without your consent and permission.
Imagine this scenario: you are using a custom kernel that ships with SELinux permissive. You accidentally install a malware using this loophole. The malware installs a modified "malicious Magisk" to permanently gain full root access. BOOM, your device is now #pwned.
Read 5 tweets

Related hashtags

#pwned

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!