EUVD-2013-6577

Malware in sbrugna...

Exploit for Out-of-bounds Write in Google Android

AutomatedRoot !GitHubhttps://img.shields.io/github/license/...

Wireless GUI Android Security Assessment: Hijacker

Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng , MDK3 and Reaver . It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM android device with an...

cSploit Android - The most complete and advanced IT security professional toolkit on Android

cSploit is a free/libre and open source GPLed Android network analysis and penetration suite which aims to be the most complete and advanced professional toolkit for IT security experts/geeks to perform network security assessments on a mobile device. See more at www.cSploit.org. Features Map you...

SuperSU - Dangerous filesystem permissions, External URLs, Possible privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application SuperSU published at the 'play' market has multiple vulnerabilities...

Hijacker - Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android

Hijacker is a Graphical User Interface for the wireless auditing tools airodump-ng, aireplay-ng and mdk3. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an android device with a wireless adapter that...

Intercepter-NG v1.9 - Multifunctional Network Toolkit for Android

Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. It has functionality of several famous separate tools and more over offers a good and unique alternative of Wireshark for android. The main features are: Network discovery with OS detection Network traffic...

CVE-2013-6774

Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x and earlier allows attackers to load an...

CVE-2013-6775

The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the 1 backtick or 2 $ type of shell metacharacters in the -c option to /system/xbin/su...

Design/Logic Flaw

Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x and earlier allows attackers to load an...

Code injection

The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the 1 backtick or 2 $ type of shell metacharacters in the -c option to /system/xbin/su...

CVE-2013-6775

The CVE-2013-6775 entry describes a privilege escalation in Chainfire SuperSU for Android, affected before version 1.69. The root cause is that the -c argument to /system/xbin/su can be parsed through shell metacharacters (backtick or $( )), allowing an attacker-controlled command to be executed ...

CVE-2013-6775

The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the 1 backtick or 2 $ type of shell metacharacters in the -c option to /system/xbin/su...

Android Superuser shell character escape vulnerability

Vulnerable releases of two common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root, either without prompting the user or after the user has denied the request: - CyanogenMod/ClockWorkMod/Koush Superuser current releases, including v1.0.2.1 ...

Android 4.2.x Superuser Unsanitized Environment

Vulnerable releases of several common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root without notifying the device owner: - ChainsDD Superuser current releases, including v3.1.3 - CyanogenMod/ClockWorkMod/Koush Superuser current releases,...

Android 4.2.x Superuser Shell Character Escape

Vulnerable releases of two common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root, either without prompting the user or after the user has denied the request: - CyanogenMod/ClockWorkMod/Koush Superuser current releases, including v1.0.2.1 ...

Samsung Exynos kernel exploit offer Root without Flashing

A user over at the XDA Developers Forum has gone searching through Samsung Exynos kernels and has found one whopper of an exploit. There’s both good and bad news with this exploit so head down below for more details on this new found glory. This exploits affects a number of Samsung-made devices,...