History

Jonathan Herrewijnen 091efe2f80 mib3 boots with debugger until after BL2. BL33 not properly booting		2024-11-05 18:30:55 +01:00
..
.vscode	modifies pointers to also debug boot MIB3	2024-11-05 17:30:09 +01:00
debugger
stage1	Updating readme and adding some necessary binaries to run the exploit	2024-08-20 16:31:49 +02:00
.gitignore
exploit.py	mib3 boots with debugger until after BL2. BL33 not properly booting	2024-11-05 18:30:55 +01:00
exynos8890.dtsi
exynos8895-reference.dtsi
ghidra.py
Readme.md
ttbr0_el3.pkl	modifies pointers to also debug boot MIB3	2024-11-05 17:30:09 +01:00

Exploit

Python implementation of Frederick's exploit. This gives a bit more insight in the bug.

Debugger

The debugger is used for chain loading the next stages. See the documentation folder for more docs

Navigate to stage1 and build it:

export ANDROID_NDK_ROOT=$TOOLCHAINENV/android-ndk-r21_Linux
make

This will build stage1

python3 exploit.py