Mobile Application Security Labs 

Vector

Store your precious embeddings IN-THE-KERNEL cause userspace too slow. Features: fast lookups, zero OOBs, a destructor that you'll never use and more.

Outline
This challenge contains a custom vulnerable Android kernel driver with a memory corruption vulnerability, which can be exploited on Android 15 with kernel version 6.6.46.

Objective
Your goal is to escalate your privileges and obtain the flag located at /data/vendor/secret/flag.txt, and provide the flag and exploitation steps to prove you cracked this challenge.

Validate your exploit against the local debug environment first; port it to the Corellium device only after successful validation in the debug environment.

Skills Required
  • Kernel debugging
  • Familiarity with kernel drivers and memory corruption bugs
  • Proficiency in reverse engineering techniques for analyzing and understanding code
