[ot][spam][personal] uhhh should I understand the exploits my new phone is vulnerable to

Undiscussed Horrific Abuse, One Victim of Many gmkarl at gmail.com
Fri May 6 04:13:30 PDT 2022


oh ha this new unihertz titan is based on a mediatek chipset line that has
been thoroughly exploited in multiple ways to bypass its security.

the exploits appear to be open source. they are made by human beings who
can be talked with.

mediatek chips are apparently arm. the author of mtkclient has an
exploitation playground repository at https://github.com/bkerler/exploit_me .
i'm not sure what it is, but maybe a vulnerable binary so that people can
learn how to build exploits to phones by reading their firmware? I'm
actually not sure.

the most prominent exploit for these devices is called kamakiri, the source
code for which is at https://github.com/amonet-kamakiri/kamakiri . I don't
know whether it's relevant for my phone or not.

bkerler's mediatek client at https://github.com/bkerler/mtkclient has a
number of additional command codes in it, many copied from the work of
preceding developers, showing how to do useful things like reading and
writing ram and emmc without the download agent (I think, not certain).
this developer also has a qualcomm client they have made.

i'd like to try to figure out what kamakiri does, and basically if any of
these exploits are relevant for my phone. ideally i'd like to learn what is
necessary or if it is possible to lock down my phone to prevent mutation of
it or of firmware dumps I download from it.