Threat Encyclopedia

ELF_LOTOOR.C

ANALYSIS BY

Weichao Sun


THREAT SUBTYPE:

Rooting Tool

PLATFORM:

Android OS

OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:

  • Threat Type: Hacking Tool

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

OVERVIEW


This hacking tool may be manually installed by a user.

TECHNICAL DETAILS

File Size:

23,060 bytes

File Type:

ELF

Initial Samples Received Date:

23 Aug 2012

Arrival Details

This hacking tool may be manually installed by a user.

NOTES:

It can be launched manually or by another application. After launch, it performs the following steps to root the device:

  • Backs itself up to /data/local/tmp/boomsh
  • Backs up /system/bin/sh to /data/local/tmp/sh
  • Checks whether it already has user ID 0 (i.e., root privilege)
  • Checks the system version; if the system is neither Android 2.2 nor Android 2.3, it exits
  • Checks the version of the vold executable file
  • Runs the exploit module that matches the system version
  • Exits if the exploit module fails
  • Sets the ro.kernel.qemu value to 0
  • Kills and restarts the ADB process

Executing the exploit roots the ADB shell.
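
A triage check for the file artifacts listed in the notes above, as an added example that is not part of the original Trend Micro entry. It assumes an extracted copy of the device filesystem whose root is passed as the first argument; the function names and the sample tree are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Triage an extracted Android filesystem copy for the on-disk artifacts in the notes.
# Assumption: the image root is passed as $1, so /data/local/tmp is "$1/data/local/tmp".
EXPECTED_SIZE=23060   # file size stated in this entry

check_lotoor_artifacts() {
    root=$1
    tmp="$root/data/local/tmp"
    if [ -f "$tmp/boomsh" ]; then
        echo "FOUND /data/local/tmp/boomsh"
        # The first four bytes of an ELF file are 0x7f 'E' 'L' 'F'.
        magic=$(dd if="$tmp/boomsh" bs=1 count=4 2>/dev/null | od -An -tx1 | tr -d ' \n')
        if [ "$magic" = "7f454c46" ]; then echo "ELF boomsh has an ELF header"; fi
        size=$(wc -c < "$tmp/boomsh" | tr -d ' ')
        if [ "$size" -eq "$EXPECTED_SIZE" ]; then
            echo "SIZE boomsh is $EXPECTED_SIZE bytes"
        fi
    fi
    if [ -f "$tmp/sh" ]; then
        echo "FOUND /data/local/tmp/sh"
        # The notes describe this file as a backup of /system/bin/sh.
        if cmp -s "$tmp/sh" "$root/system/bin/sh" 2>/dev/null; then
            echo "COPY sh is identical to /system/bin/sh"
        fi
    fi
    return 0
}

# Constructed sample tree (not a real sample): placeholder files that only
# reproduce the names, the ELF magic bytes and the file size from this entry.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/system/bin" "$d/data/local/tmp"
    echo "placeholder shell" > "$d/system/bin/sh"
    cp "$d/system/bin/sh" "$d/data/local/tmp/sh"
    printf '\177ELF' > "$d/data/local/tmp/boomsh"
    dd if=/dev/zero bs=1 count=23056 2>/dev/null >> "$d/data/local/tmp/boomsh"
    echo "$d"
}

# Run against a real extracted root when one is given on the command line.
if [ -n "$1" ]; then check_lotoor_artifacts "$1"; fi
```

A file name match alone is weak evidence; a match on name, ELF header and size together is a stronger signal that warrants further analysis of the device.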
