CVE-2021-3493 PoC — Linux kernel security vulnerability

Source
Associated Vulnerability
Title: Linux kernel security vulnerability (CVE-2021-3493)
Description: The overlayfs implementation in the Linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
Description
A penetration test of Ubuntu Touch 16.04 that identified 7 vulnerabilities, including a critical kernel exploit (CVE-2021-3493) allowing root access. This report provides findings and actionable hardening recommendations.
Readme
# Ubuntu Touch Security VAPT Report

Welcome to the Ubuntu Touch penetration test repository. This project provides a detailed breakdown of security findings from an assessment of Ubuntu Touch (v16.04, Kernel 5.4.0).

The goal is to offer a clear, actionable resource for developers and the open-source community to improve the security posture of the operating system.

## Project Structure

```
UbuntuTouchSecurityVAPTReport/
├── ISSUE_TEMPLATE/
│   └── finding.md        # Issue template for new findings
├── findings/
│   ├── CRITICAL-CVE-2021-3493.md
│   ├── CRITICAL-Insecure-Credential-Storage.md
│   ├── HIGH-Disabled-ASLR.md
│   ├── HIGH-Weak-Snap-Confinement.md
│   ├── MEDIUM-Outdated-Snap-Packages.md
│   ├── MEDIUM-Unencrypted-Device-Storage.md
│   └── MEDIUM-Unrestricted-Sudo-Access.md
├── scripts/
│   ├── CVE-2021-3493-poc.c   # Proof-of-concept exploit code
│   └── mobsf_setup.sh        # Automation script for setting up MobSF
├── README.md                 # This file
└── report.pdf               # Complete security assessment report
```

## Quick Start

* [**Full Report**](report.pdf): Complete security assessment report with methodology and findings
* [**Browse Individual Findings**](findings/): Detailed technical write-ups for each vulnerability
* [**Explore PoC Scripts**](scripts/): Proof-of-concept and automation scripts used during testing
* [**Issue Template**](ISSUE_TEMPLATE/finding.md): Template for reporting new security findings

## Security Findings Summary

### Critical Severity
- **CVE-2021-3493**: Linux Kernel OverlayFS Privilege Escalation
- **Insecure Credential Storage**: Plaintext storage of sensitive authentication data

### High Severity
- **Disabled ASLR**: Address Space Layout Randomization not properly implemented
- **Weak Snap Confinement**: Insufficient security policies for snap packages

### Medium Severity
- **Outdated Snap Packages**: Multiple packages with known security vulnerabilities
- **Unencrypted Device Storage**: Lack of encryption for user data and system files
- **Unrestricted Sudo Access**: Overly permissive privilege management
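
The CVE-2021-3493 and Disabled ASLR findings both map to kernel settings that can be checked without running any exploit code. The following audit is an added example, not part of this repository or its report; the function names, the root-directory argument and the sample values are assumptions made for illustration.

```bash
# Added example, not from the repository: read-only audit of two settings behind
# the findings above. The root argument (default /proc) is a hypothetical override.

# Print a one-line setting with whitespace stripped; nothing if unreadable.
read_setting() {
    if [ -r "$1" ]; then head -n 1 "$1" | tr -d '[:space:]'; fi
}

# CVE-2021-3493 precondition: may unprivileged users create user namespaces?
userns_status() {
    local root="${1:-/proc}" clone max
    clone="$(read_setting "$root/sys/kernel/unprivileged_userns_clone")"
    max="$(read_setting "$root/sys/user/max_user_namespaces")"
    if [ "$clone" = 0 ] || [ "$max" = 0 ]; then echo disabled
    elif [ "$clone" = 1 ] || [ -n "$max" ]; then echo enabled
    else echo unknown; fi
}

# randomize_va_space: 0 = off, 1 = stack/mmap/vDSO only, 2 = also the heap.
aslr_status() {
    case "$(read_setting "${1:-/proc}/sys/kernel/randomize_va_space")" in
        2) echo full ;; 1) echo partial ;; 0) echo disabled ;; *) echo unknown ;;
    esac
}

# One line per check: PASS, REVIEW (needs follow-up) or WARN (unreadable).
audit() {
    local u a; u="$(userns_status "$1")"; a="$(aslr_status "$1")"
    case "$u" in
        disabled) echo "PASS   userns=$u" ;;
        enabled)  echo "REVIEW userns=$u (confirm the kernel has the CVE-2021-3493 fix)" ;;
        *)        echo "WARN   userns=$u" ;;
    esac
    case "$a" in
        full)    echo "PASS   aslr=$a" ;;
        unknown) echo "WARN   aslr=$a" ;;
        *)       echo "REVIEW aslr=$a (expected randomize_va_space=2)" ;;
    esac
}

# Constructed sample tree; the values are assumptions, not from the report.
make_sample() {
    local d; d="$(mktemp -d)"
    mkdir -p "$d/sys/kernel" "$d/sys/user"
    echo 1 > "$d/sys/kernel/unprivileged_userns_clone"
    echo 0 > "$d/sys/kernel/randomize_va_space"
    echo "$d"
}
sample="$(make_sample)"; audit "$sample"; rm -rf "$sample"
```

Calling `audit` with no argument reads the live `/proc`. On Ubuntu kernels, setting `kernel.unprivileged_userns_clone=0` removes the precondition while a kernel update is pending, and `kernel.randomize_va_space=2` enables full ASLR.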

## Tools and Scripts

### Proof of Concept
- `CVE-2021-3493-poc.c`: Demonstrates the OverlayFS privilege escalation vulnerability

### Automation
- `mobsf_setup.sh`: Automated setup of Mobile Security Framework for Ubuntu Touch testing

## Usage

### Running the CVE-2021-3493 PoC
```bash
cd scripts
gcc -o cve-2021-3493-poc CVE-2021-3493-poc.c
./cve-2021-3493-poc
```

### Setting up MobSF for Testing
```bash
cd scripts
chmod +x mobsf_setup.sh
./mobsf_setup.sh
```

## Contributing

New findings are welcome! Please use the [**New Finding issue template**](ISSUE_TEMPLATE/finding.md) to submit a new vulnerability report.

### Reporting Process
1. Use the provided template in `ISSUE_TEMPLATE/finding.md`
2. Follow the established severity classification
3. Include proof-of-concept code when applicable
4. Provide clear remediation steps

## Disclaimer

This repository contains information about security vulnerabilities for educational and research purposes. The proof-of-concept code should only be used on systems you own or have explicit permission to test. The authors are not responsible for any misuse of this information.
File Snapshot

```
[4.0K] /data/pocs/d1e7affc9b303af7c8f7807b5e65ef3921059693
├── [4.0K] findings
│   ├── [2.3K] CRITICAL-CVE-2021-3493.md
│   ├── [2.3K] CRITICAL-Insecure-Credential-Storage.md
│   ├── [2.2K] HIGH-Disabled-ASLR.md
│   ├── [2.1K] HIGH-Weak-Snap-Confinement.md
│   ├── [2.1K] MEDIUM-Outdated-Snap-Packages.md
│   ├── [2.0K] MEDIUM-Unencrypted-Device-Storage.md
│   └── [2.0K] MEDIUM-Unrestricted-Sudo-Access.md
├── [4.0K] ISSUE_TEMPLATE
│   └── [1.0K] finding.md
├── [3.3K] README.md
├── [ 84K] report.pdf
├── [4.0K] scripts
│   ├── [4.9K] CVE-2021-3493-poc.c
│   └── [7.1K] mobsf_setup.sh
└── [7.4M] WalkthroughVideo.mp4

3 directories, 13 files
```