CVE-2024-31317
Severity: HIGH
Android - Local Privilege Escalation via Unsafe Deserialization in ZygoteProcess.java
Title source: llm
Exploitation Summary
EIP tracks 14 public exploits for CVE-2024-31317. PoCs published by fuhei, Anonymous941, WebLDix.
AI-analyzed exploit summary:
This repository contains a functional exploit for CVE-2024-31317, a command injection vulnerability in Android's Zygote process. The exploit leverages the `hidden_api_blacklist_exemptions` setting to inject malicious commands, potentially leading to local privilege escalation (LPE) by spawning a new process with elevated privileges.
Description
In multiple functions of ZygoteProcess.java, there is a possible way to achieve code execution as any app via WRITE_SECURE_SETTINGS due to unsafe deserialization. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
Exploits (14)
This repository contains a functional exploit for CVE-2024-31317, a command injection vulnerability in Android's Zygote process. The exploit leverages the `hidden_api_blacklist_exemptions` setting to inject malicious commands, potentially leading to local privilege escalation (LPE) by spawning a new process with elevated privileges.
This repository contains a functional Python-based exploit for CVE-2024-31317, an Android Zygote injection vulnerability. The toolkit automates the exploitation process, providing a reverse shell with system privileges and attempting to bypass OEM unlocking restrictions.
This repository contains a functional PoC for CVE-2024-31317, targeting Android Zygote process privilege escalation. It includes a reverse shell implementation and payloads for Android versions 9-13.
This repository contains a functional Android application that exploits CVE-2024-31317 to perform Zygote injection, enabling remote terminal access and file transfer. The tool leverages hidden API exemptions and requires Shizuku activation for privilege escalation.
This repository provides a detailed technical analysis of CVE-2024-31317, an Android vulnerability allowing unprivileged apps to escalate privileges to uid 1000 (system) or uid 2000 (shell). It includes explanations of Zygote arguments, SELinux context manipulation, and references to external sources for exploit implementation.
This repository contains a functional exploit for CVE-2024-31317, targeting a debuggable Android app vulnerability. The exploit uses ADB to set an app as debuggable, forwards JDWP, and manipulates the app's state via JDWP commands.
This repository contains a functional exploit for CVE-2024-31317, a command injection vulnerability in Android 9-13. It includes a reverse shell payload and detailed technical analysis of the vulnerability.
This repository contains a functional proof-of-concept exploit for CVE-2024-31317, which leverages a Zygote injection bug to remove profile owners (e.g., Family Link) on Android devices with Developer Mode enabled and pre-June 2024 security patches. The exploit involves compiling a native binary, embedding it in an APK, and injecting it via a crafted payload to bypass restrictions.
This repository contains a functional exploit for CVE-2024-31317, an Android Zygote command injection vulnerability. It includes a reverse shell payload, compilation script, and detailed technical analysis of the vulnerability.
This repository contains a functional exploit for CVE-2024-31317, which targets Android devices (versions 9-14) with security patches before 2024-06-01. The exploit leverages a zygote process vulnerability to spawn a bind shell with the target app's UID, enabling data extraction or command execution.
This repository contains a functional exploit for CVE-2024-31317, demonstrating privilege escalation to SYSTEM (UID 1000) via Zygote process manipulation in Android. It includes a full demo setup with malicious and victim apps, a dashboard for exfiltrated data, and detailed technical documentation.
This repository contains functional exploit scripts for CVE-2024-31317, targeting Android 11, 12, and 13. The exploit leverages a buffer overflow in the `hidden_api_blacklist_exemptions` global property to inject arbitrary commands, achieving local privilege escalation (LPE).
This repository contains a functional exploit for CVE-2024-31317, a command injection vulnerability in Android 9-13. It includes a reverse shell payload and detailed technical analysis of the vulnerability.
This repository contains a functional exploit for CVE-2024-31317, targeting Android's hidden API blacklist exemption mechanism. The exploit constructs a malicious payload to manipulate the 'hidden_api_blacklist_exemptions' setting, potentially leading to privilege escalation or arbitrary code execution.
References (2)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H