转自——使用root跳过小米USB安装应用确认(续) | LeadroyaL's website
最近又抓来一台小米手机当测试机,部署环境时候发现了新的 usb 相关功能的修改方式。
众所周知,小米手机开启 USB 安装功能,需要插入 SIM 卡登陆、需要登小米账号。我这台手机已root,懒得登陆了,就准备通过修改文件的方式来开启相关功能,还真做到了。 关键词:root,无需 xposed,无需 frida。 测试环境:miui9、miui10、miui11、miui12。
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <pthread/pthread.h> | |
| #include <mach/mach.h> | |
| struct ool_msg { | |
| mach_msg_header_t hdr; | |
| mach_msg_body_t body; | |
| mach_msg_ool_ports_descriptor_t ool_ports[]; | |
| }; |
leesh3288
/ vm2_3.9.16_sandbox_escape.md
Last active
March 18, 2025 19:33
Sandbox Escape in [email protected]
Sandbox Escape in [email protected]
There exists a vulnerability in exception sanitization of vm2 for versions up to 3.9.16, allowing attackers to raise an unsanitized host exception inside handleException() which can be used to escape the sandbox and run arbitrary code in host context.
OlderNewer