nomisec
WORKING POC
330 stars
by 0xbinder · poc
https://github.com/0xbinder/CVE-2024-0044
This repository contains a functional exploit for CVE-2024-0044, a local privilege escalation vulnerability in Android 12/13's PackageInstallerService. The exploit manipulates session creation to perform a 'run-as any app' attack, allowing unauthorized data extraction from apps like WhatsApp without root access.
Classification
Working Poc 95%
Target:
Android 12, Android 13
No auth needed
Prerequisites:
USB debugging enabled · ADB access to the target device · APK file for installation
nomisec
WORKING POC
170 stars
by canyie · poc
https://github.com/canyie/CVE-2024-0044
This repository contains a functional exploit PoC for CVE-2024-0044, a vulnerability in the Android framework allowing arbitrary code execution under the UID of any app. The exploit bypasses the original patch by leveraging an unvalidated `installerPackageName` parameter in the `PackageInstallerService`.
Classification
Working Poc 95%
Target:
Android 12-13 (security patch level before 2024-10-01)
Auth required
Prerequisites:
ADB access · Victim app UID
nomisec
SUSPICIOUS
76 stars
by scs-labrat · poc
https://github.com/scs-labrat/android_autorooter
The repository claims to exploit CVE-2024-0044 but lacks functional exploit code, instead providing vague instructions and external references. The README focuses on payload delivery via Metasploit without technical details about the vulnerability itself.
Classification
Suspicious 90%
Target:
Android 12/13
No auth needed
Prerequisites:
Victim interaction to install payload.apk · Network access to attacker-controlled server
nomisec
WORKING POC
24 stars
by sridhar-sec · poc
https://github.com/sridhar-sec/EvilDroid
EvilDroid is an automated exploit tool for CVE-2024-0044, targeting Android applications via ADB to install malicious payloads and extract sensitive data. It automates APK installation, payload execution, and data extraction using ADB commands.
Classification
Working Poc 90%
Target:
Android applications (specific version not specified)
No auth needed
Prerequisites:
ADB installed and configured · Python 3.x · Connected Android device with ADB enabled
nomisec
WORKING POC
13 stars
by Re13orn · poc
https://github.com/Re13orn/CVE-2024-0044-EXP
This repository contains a functional exploit for CVE-2024-0044, an Android privilege escalation vulnerability that allows arbitrary app sandbox file extraction via newline injection in the 'run-as' command. The script automates the process of installing a malicious APK with a crafted payload to bypass debuggability checks and extract target app data.
Classification
Working Poc 95%
Target:
Android 12/13
Auth required
Prerequisites:
ADB access to the target device · Developer mode enabled on the device · Physical or remote access to the device
nomisec
WORKING POC
12 stars
by MrW0l05zyn · poc
https://github.com/MrW0l05zyn/cve-2024-0044
This repository contains a functional Python exploit for CVE-2024-0044, a local privilege escalation vulnerability in Android's 'run-as' command. The exploit allows an attacker with ADB access to bypass the Application Sandbox and access private files of any installed application.
Classification
Working Poc 95%
Target:
Android versions 12, 12L, 13, and 14
Auth required
Prerequisites:
ADB shell access · Developer mode enabled on the target device · Target package name · Any APK file
nomisec
WORKING POC
5 stars
by Athexblackhat · poc
https://github.com/Athexblackhat/EXPLOITER
This repository contains a functional exploit for CVE-2024-0044, targeting Android applications via ADB. The script automates the process of pushing an APK, generating a payload, and extracting data from a vulnerable application.
Classification
Working Poc 90%
Target:
Android applications (e.g., com.whatsapp)
Auth required
Prerequisites:
ADB access to the target device · APK file to install · Target package name
nomisec
WORKING POC
5 stars
by l1ackerronin · poc
https://github.com/l1ackerronin/CVE-2024-0044
This repository contains a functional Bash script that automates the exploitation of CVE-2024-0044, a privilege escalation vulnerability in Android applications via the `run-as` command. The script pushes a malicious APK, extracts the target UID, generates a payload, and guides the user through executing commands in an ADB shell.
Classification
Working Poc 90%
Target:
Android applications (specific versions not specified)
No auth needed
Prerequisites:
ADB access · Rooted Android device · Target application package name · Malicious APK file
nomisec
WORKING POC
4 stars
by Athexhacker · poc
https://github.com/Athexhacker/EXPLOITER
This repository contains a functional exploit for CVE-2024-0044, targeting Android applications via ADB. The script automates the process of pushing an APK, generating a payload, and extracting data from the target application.
Classification
Working Poc 90%
Target:
Android applications (e.g., com.whatsapp)
Auth required
Prerequisites:
ADB access to the target device · Target package name · APK file to install
nomisec
WORKING POC
4 stars
by 007CRIPTOGRAFIA · poc
https://github.com/007CRIPTOGRAFIA/c-CVE-2024-0044
This repository contains a functional exploit for CVE-2024-0044, which leverages a vulnerability in Android's run-as command to execute arbitrary APKs with the privileges of another application. The exploit automates the process of pushing an APK, generating a payload, and extracting data from the target application's directory.
Classification
Working Poc 90%
Target:
Android (specific version not specified)
Auth required
Prerequisites:
ADB access to the target device · Target application package name · APK file to be installed
nomisec
WORKING POC
2 stars
by Dit-Developers · poc
https://github.com/Dit-Developers/CVE-2024-0044
This repository contains a functional Bash script that exploits CVE-2024-0044, a 'run-as any app' vulnerability in Android 12 and 13. The exploit leverages ADB to install a malicious APK and extract data from a target application by abusing the 'run-as' command with crafted payloads.
Classification
Working Poc 90%
Target:
Android 12, Android 13
Auth required
Prerequisites:
ADB access · USB debugging enabled · Target APK file
nomisec
WORKING POC
1 stars
by hunter24x24 · poc
https://github.com/hunter24x24/cve_2024_0044
This repository contains a functional exploit for CVE-2024-0044, a local privilege escalation vulnerability in Android 12/13's PackageInstallerService. The exploit leverages improper input validation in the createSessionInternal function to perform a 'run-as any app' attack, allowing unauthorized data extraction from applications like WhatsApp, Google Messages, or Contacts.
Classification
Working Poc 95%
Target:
Android 12, Android 13
No auth needed
Prerequisites:
USB debugging enabled on the target device · ADB access to the device · An APK file to push to the device
gitlab
STUB
by user.gameover.user · poc
https://gitlab.com/user.gameover.user/testtt
The repository contains only a generic GitLab README template with no exploit code, technical details, or references to CVE-2024-0044. It appears to be a placeholder or empty project.
Target:
unknown
No auth needed
nomisec
WORKING POC
by JackTekno · poc
https://github.com/JackTekno/Chrome-Forensic_CVE-2024-0044
This repository contains a functional exploit for CVE-2024-0044, leveraging the 'Run-as' vulnerability to bypass permission restrictions on non-rooted Android 12/13 devices. It extracts Google Chrome forensic data by exploiting the package manager to gain unauthorized access to app data directories.
Classification
Working Poc 95%
Target:
Android 12/13 with Google Chrome
No auth needed
Prerequisites:
ADB access to the target device · USB debugging enabled · Dummy APK file
github
WORKING POC
by GabrieleDattile · pythonpoc
https://github.com/GabrieleDattile/cve-pocs/tree/main/CVE/CVE-2024-0044
The repository contains functional exploit code for CVE-2024-0044, demonstrating a denial-of-service vulnerability in Android's NotificationManagerService. The PoC leverages the `addAutomaticZenRule` API to exhaust device memory by creating malicious 'Do Not Disturb' rules.
Classification
Working Poc 90%
Target:
Android NotificationManagerService (versions prior to January 2023 security patch)
Auth required
Prerequisites:
Android device with API level 24 or higher · ACCESS_NOTIFICATION_POLICY permission
nomisec
WORKING POC
by Kai2er · poc
https://github.com/Kai2er/CVE-2024-0044-EXP
This repository contains a functional exploit for CVE-2024-0044, which leverages a vulnerability in Android's 'run-as' command to forge UID permissions and extract data from targeted applications. The script automates the exploitation process by crafting a malicious payload and using ADB to install it, then extracts the target app's data into a tar archive.
Classification
Working Poc 95%
Target:
Android 12, 13 (pre-March 2024 security update)
Auth required
Prerequisites:
ADB access to the target device · Target package name · Device running Android 12 or 13 without March 2024 security update