IonStack
The first browser-to-kernel full-chain RCE on Android 17
Source code will be publicly available in
01234567890123456789Days
01234567890123456789Hours
01234567890123456789Minutes
01234567890123456789Seconds
Check our open source code
github.com/NebuSec/CyberMeowfia
A series of write-ups is coming soon.
Step 1: Download vulnerable Firefox 151
fenix-151.0.multi.android-arm64-v8a.apk (archive.mozilla.org)
Step 2: Live PWN
rootme.nebusec.ai/b9e3f1a4-7c82-4d6e-9a51-2f8c4b3e0d17
List of supported kernel
Expected result:
If your kernel is marked Supported, Step 2 should give you root and change your wallpaper as the visible success signal.
If it is not supported yet, the phone will crash and reboot instead, without damaging the device. You can also modify the exploit yourself to support your device.
Link preview
GitHub - NebuSec/CyberMeowfia: PoCs and exploits for CVEs discovered by VEGA.
PoCs and exploits for CVEs discovered by VEGA. . Contribute to NebuSec/CyberMeowfia development by creating an account on GitHub. GitHub · github.com
Comments