It doesn't have a web browser or, virtually, anything of use... but I think it supports enough of a web browser to log in into wifi captive portals.
This would almost surely work there too, though.
The exploit/POC (call it what you want) ran or appeared to have executed because:
1. I saw output on the Firefox tab when I navigated to <https://rootme.nebusec.io/b9e3f1a4-7c82-4d6e-9a51-2f8c4b3e0d...>.
2. I saw some output from the execution of the POC.
However, after I went to <https://rootme.nebusec.io/b9e3f1a4-7c82-4d6e-9a51-2f8c4b3e0d...> the phone froze and refused to respond to any input. The only thing that worked was restarting, which I wonder how it works given the, I think, the kernel has hung. Does anyone know how the kernel is able to respond to events whilst the system has hung? The screen remains on with the partial output of the execution of the POC until the screen saver kicks in ...
It would be nice to get a `Dockerfile` to build the exploit/POC.
I take it you did NOT unlock the bootloader?
> Two boot looped, I had to enter recovery and the other just powered off [0].
Absolutely crazy that it is possible to brick someone's phone via an exploit but ... hey.
After the power off what happened? Do things seem normal?
When it entered recovery mode where you able to get the phone in a clean state again? I take it that you did?
I'd really like to run this but I, ideally, do not want to run something random from the internet. It's a shame there is no `Dockerfile` to build this exploit/POC. All I want is LPE to `root` on a Samsung (Snapdragon) phone.
Honor 10 - Moto G04 - Poco X3
Poco is unlocked.
There is no brick on any, they're boot loader bugs and unrelated to the exploit. Recovery "reboot" was used.
You need to modify it to root, the example only crashes the kernel.