adb_root
unlocked-bootloader-backdoor-demo
adb_root | unlocked-bootloader-backdoor-demo | |
---|---|---|
2 | 3 | |
395 | 32 | |
- | - | |
0.0 | 0.0 | |
over 2 years ago | almost 3 years ago | |
Makefile | C++ | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
adb_root
unlocked-bootloader-backdoor-demo
-
How android gets more vulnerable when rooted when it's still a Linux based OS ?
I actually made a proof-of-concept: https://github.com/LuigiVampa92/unlocked-bootloader-backdoor-demo
-
Should I be paranoid about security and privacy on Lineage OS 17.1?
It is possible. The only required thing is an unlocked bootloader, once you have it and you have a few minutes of physical access to the device you can install a persistent backdoor. No matter if there is a stock or a custom ROM on the device, no matter if there is root installed or not, no matter if device is encrypted or not. I even made a small proof of concept - you can check it here, just be careful and make a backup of partitions
-
LineageOS (in)security
I have made a research and created a proof-of-concept how an android device with an unlocked bootloader (which means that we talk about almost any device using custom ROM, root, etc) in case an adversary has a temporary physical access to it (a couple of minutes is enough) can be silently injected with a backdoor that will be successfully installed in almost any case, no matter which OS version it has, no matter if it’s encrypted or not, no matter if it has root or not. I have written an article about it. You can check it here (I’m sorry, it’s only in russian, but the google translate should work) and get the code here to test it yourself.
What are some alternatives?
mtk-easy-su - Get bootless root access with few clicks.
magisk-drm-disabler - Read-only mirror from GitLab. A Magisk module designed to disable DRM completely on Android
Magisk-Ad-Blocking-Module - Magisk module to block ads on android
nfqttl - Magisk module change ttl.
adguardcert - Magisk module that allows using AdGuard's HTTPS filtering for all apps
EdXposed - Elder driver Xposed Framework.
adduser-dll - Simple DLL that add a user to the local Administrators group
callrecorder-axet - Magisk module for installing axet's Call Recorder app
safetynet-fix - Google SafetyNet attestation workarounds for Magisk
android_device_Unihertz_Atom_XL_EEA - Device tree for the Unihertz Atom XL EEA (european union)
callrecorder-axet - Magisk module for installing axet's Call Recorder app