CVE-2021-0326 PoC — wpa_supplicant buffer error vulnerability

Source
Associated Vulnerability
Title: wpa_supplicant buffer error vulnerability (CVE-2021-0326)
Description: In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-8.1 Android-9. Android ID: A-172937525
Description
Skeleton (but pronounced like Peloton): A Zero-Click RCE exploit for CVE-2021-0326
Readme
# Skeleton (but pronounced like Peloton)

A Zero-Click RCE exploit for CVE-2021-0326 on the Peloton Bike 

And also every other unpatched Android Device 

PoC requires ASLR to be disabled.

Associated blog post: https://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device/

![diagram of exploit](eloop.svg)
File Snapshot

[4.0K] /data/pocs/b71f82f1a2df8538d22d5cdcc9db5d956c81afbe
├── [ 56K] eloop.svg
├── [2.1K] helper.js
├── [2.0K] p2pcrash.py
├── [ 381] README.md
├── [4.2K] skeleton32.py
└── [4.2K] skeleton.py

0 directories, 6 files