The net is flooded with apps and malware exploiting the vulnerability in the VOLD volume manager daemon to jailbreak or root Android 2.2 and Android 2.3 devices. The vulnerability has been fixed in Android 2.3.3, but there are hundreds of thousands of devices running Android 2.2 and Android 2.3 in the market and there is no easy way to patch them.
If you want to jailbreak your Android phone running Gingerbread (Android 2.3) or Froyo (Android 2.2), this vulnerability is a godsend. But there are at least 80 Android malware families exploiting it to get root on your phone and take it over.
If you want to avoid getting your Android phone infected, read this.
If you want to root your phone running Android Gingerbread, download the rooting app; it is at the end of this post.
Details of this vulnerability.
This exploit uses a vulnerability in which the VOLD daemon explicitly trusts messages received from PF_NETLINK sockets, although any user-level process can send on such a socket. This allows a user-level process to execute arbitrary code as root. Gingerbreak exploits the DirectVolume::handlePartitionAdded method in DirectVolume.cpp.
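The trust failure above is that vold acted on whatever arrived on its netlink socket without asking who sent it. The check below, written here as an added example and not taken from vold or any Android source, shows the sender-credential test a receiver needs: with SO_PASSCRED enabled, recvmsg() attaches the sender's pid, and only pid 0 (the kernel) may deliver a uevent. The `trusted_for` helper and its constructed message are assumptions for the demonstration, not part of the daemon's API.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#ifndef SCM_CREDENTIALS
#define SCM_CREDENTIALS 0x02 /* Linux value; glibc hides it without _GNU_SOURCE */
#endif
struct sender_cred { pid_t pid; uid_t uid; gid_t gid; }; /* layout of struct ucred */

/* Accept a netlink uevent only when the attached credentials name pid 0, the kernel.
 * Any process may open a PF_NETLINK socket and send a look-alike uevent, so the socket
 * family proves nothing; enable SO_PASSCRED and check each sender. No creds: reject. */
int netlink_sender_trusted(struct msghdr *msg)
{
    for (struct cmsghdr *c = CMSG_FIRSTHDR(msg); c != NULL; c = CMSG_NXTHDR(msg, c)) {
        if (c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_CREDENTIALS) {
            struct sender_cred cred;
            memcpy(&cred, CMSG_DATA(c), sizeof cred);
            return cred.pid == 0;
        }
    }
    return 0;
}

/* Constructed input (hypothetical helper): the msghdr recvmsg() would hand back for
 * a sender with the given pid/uid, or one with no control data when with_creds is 0. */
int trusted_for(pid_t pid, uid_t uid, int with_creds)
{
    union { char buf[CMSG_SPACE(sizeof(struct sender_cred))]; struct cmsghdr hdr; } ctrl;
    struct msghdr msg;
    memset(&msg, 0, sizeof msg);
    if (with_creds) {
        msg.msg_control = ctrl.buf;
        msg.msg_controllen = sizeof ctrl.buf;
        struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
        c->cmsg_level = SOL_SOCKET;
        c->cmsg_type = SCM_CREDENTIALS;
        c->cmsg_len = CMSG_LEN(sizeof(struct sender_cred));
        struct sender_cred cred = { pid, uid, uid };
        memcpy(CMSG_DATA(c), &cred, sizeof cred);
    }
    return netlink_sender_trusted(&msg);
}

int main(void)
{
    printf("kernel uevent (pid 0):     %s\n", trusted_for(0, 0, 1) ? "accepted" : "rejected");
    printf("forged uevent (pid 1234):  %s\n", trusted_for(1234, 10042, 1) ? "accepted" : "rejected");
    printf("uevent with no creds:      %s\n", trusted_for(0, 0, 0) ? "accepted" : "rejected");
    return 0;
}
```

Checking the sender is only half the fix; the daemon must still validate the message contents (the partition index handlePartitionAdded works with) before using them.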
How does this exploit work?
The exploit can be used only through adb. Once you run it, it gains root access and, on success, remounts /system in read/write mode and runs a script that installs other root apps such as superuser.apk. Once superuser.apk is installed, it can be used to install the "su" binary. After the exploit completes, it reboots the phone and you have root access.
Requirements to run this exploit.
1. You must have USB debugging enabled.
2. A blank/formatted SD card is required.
3. The exploit apk and superuser apk must be pushed to the device through adb.
Notes.
1. This exploit does not do temporary root.
2. Reboot between rooting attempts.
3. Have patience; it can take up to 10 minutes for an attempt to succeed or fail.
This will void your warranty and/or brick your phone or device, and you alone are responsible for the result.
This exploit was released by Sebastian Krahmer.