Skip to content

liuyun201990/StrandHogg2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
.idea
.idea
 
 
app
app
 
 
gradle/wrapper
gradle/wrapper
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
gradle.properties
gradle.properties
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

StrandHogg2

  • Poc for StrandHogg2 (CVE-2020-0096)

Information of the original vulnerability

Current Description

  • In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109

Severity

  • CVSS 3.x Severity and Metrics:
    • Base Score: 7.8 HIGH
    • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

About

PoC of StrandHogg2 (CVE-2020-0096)

Resources

Readme

License

Apache-2.0 license
Activity

Stars

4 stars

Watchers

1 watching

Forks

12 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages