Comments for .dtors

Comment on Reversing Latest Exploid Release by My Favorites « phiger

My Favorites « phiger — Thu, 11 Aug 2011 09:51:55 +0000

[...] rooting (no pc required) – Droid Forum – Verizon Droid & the Motorola Droid ForumReversing Latest Exploid Release « .dtorsRooting the Droid without rsd lite up to and including FRG83D – Android [...]

Comment on Reversing Latest Exploid Release by Shakz Ali

Shakz Ali — Fri, 22 Jul 2011 06:27:09 +0000

Hi, i’m doing research on android Malwares, does anybody have any idea if there are any Metasploit exploits for android OS?

Comment on Reversing Latest Exploid Release by Unix Blather » Blog Archive » Android Market. Holy f*ck its APT!

Unix Blather » Blog Archive » Android Market. Holy f*ck its APT! — Sun, 22 May 2011 01:10:07 +0000

[...] though it will do nothing long term. A payload that doesn’t still contain the strings of the root exploit that waits a few weeks to run, will go [...]

Comment on Reversing Latest Exploid Release by .:: MalwareInfo.Org Blog ::. » Blog Archive » Android Malware “Droid Dream” Analyzed – Part 3

Wed, 27 Apr 2011 03:57:37 +0000

[...] gain root access. Please read the below description (taken from the blog post by Anthony Lineberry: Reversing Latest Exploid Release) It takes advantage of RLIMIT_NPROC max, which is a value that defines how many processes a given [...]

Comment on Reversing Latest Exploid Release by Google to throw harpoons on malicious apps | BackPoke

Google to throw harpoons on malicious apps | BackPoke — Sun, 06 Mar 2011 12:01:52 +0000

[...] user lompolo, the apps use an exploit known as “rageagainstthecage” which was discovered in August (very technical breakdown) to create the DroidDream-a malware. Google has acknowledged the issue of [...]

Comment on Reversing Latest Exploid Release by Google to throw the kill switch on malicious apps| Geek Android

Google to throw the kill switch on malicious apps| Geek Android — Sun, 06 Mar 2011 11:54:15 +0000

[...] by Reddit user lompolo, the apps use an exploit known as “rageagainstthecage” which was discovered in August (very technical breakdown) to create the DroidDream.a [...]

Comment on Reversing Latest Exploid Release by IT Secure Site » Android DroidDream Uses Two Vulnerabilities

IT Secure Site » Android DroidDream Uses Two Vulnerabilities — Fri, 04 Mar 2011 09:23:55 +0000

[...] corresponds to this local root exploit, and it is tried in case rageagainstthecage does not work. The idea behind rageagainstthecage create many processes, reach the maximum limit of [...]

Comment on Reversing Latest Exploid Release by Android DroidDream uses Two vulnerabilities | Fortinet Security Blog

Android DroidDream uses Two vulnerabilities | Fortinet Security Blog — Thu, 03 Mar 2011 16:08:37 +0000

[...] corresponds to this local root exploit, and it is tried in case rageagainstthecage does not work. The idea behind rageagainstthecage create many processes, reach the maximum limit of [...]

Comment on Reversing Latest Exploid Release by Isaac356

Isaac356 — Tue, 15 Feb 2011 03:21:09 +0000

Yup, that’s exactly why. I had to do a little research, but I finally figured that out. (The processes still exist so the parent can read their exit codes.)

Anyways, that totally helps, because making that many processes that sleep will lag the phone (Guess how I figured that out…)

Comment on Reversing Latest Exploid Release by Anthony

Anthony — Mon, 14 Feb 2011 23:44:18 +0000

I hope this code is correct, when I had done this the source hadn’t been released yet. I believe it works because the process still exists in a zombie state after it exits. Zombie processes still count towards the RLIMIT_NPROC max. Essentially you fill the proc limit with zombie processes before they can be reaped.