Vault7: CIA Hacking Tools Revealed
Navigation: » Latest version
Android Exploits and Techniques
(S)
Proof-of-Concept Name | Contract/Partner | Weaponized/Delivered Name | Description | Affected Devices | Type |
---|---|---|---|---|---|
Bonobo | Fangtooth | Glutamine (glt) | Shell->Root Priv (Framebuffer/graphics) | Priv | |
Colobus | Fangtooth | Creatine (crt) | Shell->Root Priv (Framebuffer/graphics stack vuln) | Priv | |
Dugtrio | Anglerfish | Angerquake/Dugtrio |
Browser/Javascript bridge Doesn't require porting |
4.0 - 4.1.2 newer Samsung devices might have the vulnerability, but it is not guaranteed. |
Remote Access |
FLAAFY | Anglerfish | User->System Priv | Priv | ||
Flameskimmer | SurfsUp | HGH | User->Root Priv | BCM WiFi chipset devices | Priv |
Freedroid/EerieIndiana | Fangtooth | Freedroid (fd3) | Kernel/user mem vuln | subset 2.3.6 - 4.2, unreliable in 4.3 - 4.4 | Priv |
HGH | Flameskimmer | 4.3 - 4.4.2 | Priv | ||
Levitator | pre 2.3 - 2.3.5 | Priv | |||
Lugia | (Peppermint) | LugiaLight (lgl) | MSM devices until ~4.4 | Priv | |
Night Monkey | Fangtooth | Nightmonkey | User->System Priv, physical access required (Dex repack/MTP vuln) | Priv | |
Salazar | Chrome v34 - ? | Remote Access | |||
Simian | Fangtooth (Not yet delivered) | User->Root Priv, KGSL driver | MSM8974 devices | Priv | |
Skor | Angerquake/Skor | Requires porting per device | 2.2 - 2.3.6 | Remote Access | |
Snubble/Snubull | Anglerfish | User->System Priv (with Absolute LoJack software) |
Samsung Galaxy S5 (KOT49H.G900HXXU1ANCD) Samsung Galaxy Note 3 (KOT49H.N900W8UBUCNC1) Samsung Galaxy S4 (KOT49H.I9500UBUFNB3) |
Priv | |
Spearrow | Remote Info Leak | ||||
Starmie | Remote Access | ||||
Swamp Monkey | Fangtooth | B12 | System->Root Priv | Priv | |
Totodile | Anglerfish | Livestrong | Library load via property | Kitkat+ devices | Persistence |
T2 | Anglerfish | Towelroot | OS before 3 June 2014 | Priv |