보안 혹은 해킹기법 연구 #

• 보안/해킹 기법 관련 문서 직접 리서치
• CVE 재현
• 추가적인 연구 ( 핵 구현, 모드 등)
• 멀웨어 책

TODO #

• CVE-2024-48336 : Magisk EOP
• CVE-2022-20474 : LazyValue 시나리오 Parcel
  • https://github.com/cxxsheng/CVE-2022-20474?tab=readme-ov-file
  • https://github.com/michalbednarski/LeakValue
  • https://blog.canyie.top/2025/02/04/CVE-2024-49721/
• CVE-2021-0691 : mystique
  • https://dawnslab.jd.com/mystique-paper/mystique-paper.pdf
  • https://www.secwest.net/csw22presentations/mystiquehits
• CVE-2024-1086 : nftables
  • https://pwning.tech/nftables/
• CVE-2023-20938 : UAF로 Binder공격 후 권한상승
  • https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/
• hook to rce
  • https://blog.voorivex.team/from-an-android-hook-to-rce-5000-bounty
• mali GPU 취약점 : https://github.com/0x36/Pixel_GPU_Exploit
  • pixel 6 pro에서 시도한듯. https://starlabs.sg/blog/2025/06-solo-a-pixel-6-pro-story-when-one-bug-is-all-you-need/#conclusion
• blog
  • https://securityonline.info/
  • https://cyrus-studio.github.io/blog/
  • https://wrlus.com/
  • https://blog.canyie.top/
  • https://teamcrak.tistory.com/
  • https://blog.moeworld.tech : canyie의 팔로우
  • https://www.mobile-hacker.com/2024/06/17/exfiltrate-sensitive-user-data-from-apps-on-android-12-and-13-using-cve-2024-0044-vulnerability/
• document
  • https://bbs.kanxue.com/thread-281508.htm
  • https://bbs.kanxue.com/thread-271043.htm
• GPU관련 다른취약점들 https://www.cnblogs.com/hac425/p/18543638/gpu-driver-vulnerability-technical-mystery-of-spying-on-driving-vulnerabilities-1c4woh