Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-13156 PoC — Android System(art) 权限许可和访问控制问题漏洞

Source
https://github.com/M507/CVE-2017-13156
Associated Vulnerability
Title:Android System(art) 权限许可和访问控制问题漏洞 (CVE-2017-13156)
Description:An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847.
Description
To determine if an APK is vulnerable to CVE-2017-13156
Readme
### Check-CVE-2017-13156.py


```sh
root@ubuntu:~/CVE-2017-13156$ pip install androguard
root@ubuntu:~/CVE-2017-13156$ python Check-CVE-2017-13156.py InsecureBankv2.apk

Checking if InsecureBankv2.apk is vulnerable to CVE-2017-13156 vulnerability

InsecureBankv2.apk md5: 5ee4829065640f9c936ac861d1650ffc

InsecureBankv2.apk is signed
v1 scheme: True
v2 scheme: False
v3 scheme: False
minSdkVersion: 15 
InsecureBankv2.apk 5ee4829065640f9c936ac861d1650ffc is VULNERABLE
InsecureBankv2.apk can be exploited on devices running Android version < 8.0.0
```
File Snapshot

 [4.0K]  /data/pocs/04ed48f77cca8d8544738de842049d2887228963
├── [1.8K]  Check-CVE-2017-13156.py
└── [ 552]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →