Mirror/rayhunter
1
0
Fork 0
mirror of https://github.com/EFForg/rayhunter.git synced 2026-04-28 00:20:00 -07:00
Code Issues Packages Projects Releases Wiki Activity

rootshell: use magic Android GIDs to access sockets

Browse Source 
Android kernels with CONFIG_ANDROID_PARANOID_NETWORK extensions set
require users to have a few special group IDs before getting network
access. Unfortunately, we need to use nightly to get access to the
.groups() method.
This commit is contained in:
Will Greenberg
2024-07-22 16:48:17 -07:00
committed by Cooper Quintin
parent 25fa4aa0c1
commit 0237cb799b
3 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
rootshell/src/main.rs
View File

@@ -1,3 +1,5 @@
#![feature(setgroups)]
//! a simple shell for uploading to the orbic device.
//!
//! It literally just runs bash as UID/GID 0
@@ -5,6 +7,14 @@ use std::process::Command;
use std::os::unix::process::CommandExt;
use std::env;
const ANDROID_PARANOID_NETWORK_GROUPS: &[u32] = &[
3001, // AID_BT
3002, // AID_BT_NET
3003, // AID_INET
3004, // AID_NET_RAW
3005, // AID_ADMIN
];
fn main() {
let mut args = env::args();
@@ -14,5 +24,6 @@ fn main() {
.args(args)
.uid(0)
.gid(0)
.groups(ANDROID_PARANOID_NETWORK_GROUPS)
.exec();
}