Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-0044 PoC — Google Android 安全漏洞

Source
https://github.com/MrW0l05zyn/cve-2024-0044
Associated Vulnerability
Title:Google Android 安全漏洞 (CVE-2024-0044)
Description:In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Description
CVE-2024-0044
Readme
![python-static-badge](https://img.shields.io/badge/Python-blue?logo=python&logoColor=white)
![android-static-badge](https://img.shields.io/badge/Android-blue?logo=android&logoColor=white)

# CVE-2024-0044

- [CVE-2024-0044](https://nvd.nist.gov/vuln/detail/CVE-2024-0044) allows a "run-as" attack to be performed, resulting in a local escalation of privileges. This enables an attacker to access private files stored locally by any application on the mobile device, compromising the security guarantees provided by the "Application Sandbox".
- Requires ADB shell access and developer mode enabled on the mobile device.
- Affects Android versions 12, 12L, 13, and 14*.
- Discovered and disclosed by [Meta Red Team X](https://rtx.meta.security/exploitation/2024/03/04/Android-run-as-forgery.html) in March 2024.
- Security patch released by Google in the [Android security bulletin of March 2024](https://source.android.com/docs/security/bulletin/2024-03-01).

# Usage

```
python cve_2024_0044.py -p target.package.name -a any-app.apk
```
![cve-2024-0044](cve-2024-0044.gif)

> [!TIP]
> For the `any-app.apk` file, any mobile application can be used, such as [F-Droid](https://f-droid.org/), for example.
File Snapshot

 [4.0K]  /data/pocs/31778a4e7bf3980e6e6dc68534dcd7618d8d47b1
├── [380K]  cve-2024-0044.gif
├── [6.7K]  cve_2024_0044.py
└── [1.2K]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →