Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-1805 PoC — Linux kernel‘fs/pipe.c’本地内存损坏漏洞

Source
https://github.com/ireshchaminda1/Android-Privilege-Escalation-Remote-Access-Vulnerability-CVE-2015-1805
Associated Vulnerability
Title:Linux kernel‘fs/pipe.c’本地内存损坏漏洞 (CVE-2015-1805)
Description:The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."
Description
AndroRAT is a capability that can be used to inject a root exploit as a silent installation to perform a malicious task on the device. This AndroRAT is designed to exploit CVE-2015-1805, a vulnerability that was discovered and made public in 2016.
Readme
# Android-Privilege-Escalation-Remote-Access-Vulnerability-CVE-2015-1805
inject a root exploit as a silent installation to perform a malicious task on the device. 

# Vulnerability

AndroRAT does not focus on targeting a specific
user but rather works to acquire the confidence of the entire network. Exploits are
used to facilitate the movement of data around a network and the uploading of
data from any device that is reachable. It is utilized for the purpose of remotely
managing an Android phone.

# Vulnerability Description

AndroRAT is a capability that can be used to inject a root exploit as a silent
installation to perform a malicious task on the device. This AndroRAT is
designed to exploit CVE-2015-1805, a vulnerability that was discovered and
made public in 2016, and which enables malicious actors to compromise a variety
of older Android devices in order to escalate their privileges.
File Snapshot

 [4.0K]  /data/pocs/2c2f767c8b1f47a99a23fea054f2dda548cda2ab
├── [2.4K]  androRaT.py
└── [ 903]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →