Author Archives: drosenbe
I recently unlocked the bootloader for the consumer editions of Motorola Android devices using Qualcomm Snapdragon processors. This includes the Razr HD, Razr Maxx HD, Razr M, and Atrix HD models. The details of this research have been published on Azimuth Security’s blog.
I discovered a neat little trick on Linux: on x86 (and a few other less common architectures), it’s possible to determine from an unprivileged process whether an address residing within the kernel address space is mapped or unmapped.
Another silly file permissions bug. At least the exploitation of this one was a little bit more interesting.
Yawn. LG loses, users win.
Someone mentioned to me that yesterday’s root for the Motorola XYBoard appeared to not work on the Xoom Family Edition (FE), so I took a look. What I found was a set of vulnerabilities so egregious that it’s hard to not draw comparisons to a deliberate backdoor.
Another day, another tablet rooted. I wonder when Motorola will realize that it’s hopeless to try to prevent device owners from controlling their own hardware.
Someone told me that LG patched the last vulnerability used to root the LG Esteem. Here’s another root.
Yesterday, I tried a little experiment in releasing a root exploit for the Motorola Droid 4. I set up a bounty, where the first $200 would go towards me buying myself a Droid 4 in exchange for the work I’ve done developing the exploit, and the remaining bounty money would go directly to the American Red Cross. I thought this would be a good arrangement for everyone: users get a shiny root exploit for a few bucks, I get a new phone in payment, and money gets donated to charity. Everybody wins.
After getting a taste of rooting tablets with the Lenovo Thinkpad tablet, I decided to turn my attention to the Sony Tablet S. It turned out to be a tough device to root.
Another day, another Android root. Let’s just skip the details this time and let Lenovo figure it out for themselves. The following root package only works on Windows. I feel like a Linux traitor right now, but 99% of the people using this run Windows, and if you run Linux, just peek at the batch script and perform the steps manually.