diff --git a/Cargo.lock b/Cargo.lock index 591691e..53ab308 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -314,6 +314,12 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "bitflags" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de" + [[package]] name = "bitstream-io" version = "2.3.0" @@ -403,6 +409,12 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +[[package]] +name = "cfg_aliases" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724" + [[package]] name = "chrono" version = "0.4.34" @@ -1121,9 +1133,9 @@ checksum = "03087c2bad5e1034e8cace5926dec053fb3790248370865f5117a7d0213354c8" [[package]] name = "libc" -version = "0.2.153" +version = "0.2.155" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd" +checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c" [[package]] name = "libfuzzer-sys" @@ -1244,6 +1256,18 @@ version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "650eef8c711430f1a879fdd01d4745a7deea475becfb90269c06775983bbf086" +[[package]] +name = "nix" +version = "0.29.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "71e2746dc3a24dd78b3cfcb7be93368c6de9963d30f43a6a73998a9cf4b17b46" +dependencies = [ + "bitflags 2.6.0", + "cfg-if", + "cfg_aliases", + "libc", +] + [[package]] name = "nom" version = "7.1.3" @@ -1440,7 +1464,7 @@ version = "0.17.13" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "06e4b0d3d1312775e782c86c91a111aa1f910cbb65e1337f9975b5f9a554b5e1" dependencies = [ - "bitflags", + "bitflags 1.3.2", "crc32fast", "fdeflate", "flate2", @@ -1710,7 +1734,7 @@ version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4722d768eff46b75989dd134e5c353f0d6296e5aaa3132e776cbdb56be7731aa" dependencies = [ - "bitflags", + "bitflags 1.3.2", ] [[package]] @@ -1763,6 +1787,9 @@ dependencies = [ [[package]] name = "rootshell" version = "0.1.0" +dependencies = [ + "nix", +] [[package]] name = "rusb" diff --git a/rootshell/Cargo.toml b/rootshell/Cargo.toml index 52cb6bd..a714608 100644 --- a/rootshell/Cargo.toml +++ b/rootshell/Cargo.toml @@ -6,3 +6,4 @@ edition = "2021" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] +nix = { version = "0.29.0", features = ["user"] } diff --git a/rootshell/rust-toolchain.toml b/rootshell/rust-toolchain.toml deleted file mode 100644 index 5d56faf..0000000 --- a/rootshell/rust-toolchain.toml +++ /dev/null @@ -1,2 +0,0 @@ -[toolchain] -channel = "nightly" diff --git a/rootshell/src/main.rs b/rootshell/src/main.rs index 19983e0..c1e03fe 100644 --- a/rootshell/src/main.rs +++ b/rootshell/src/main.rs @@ -1,5 +1,3 @@ -#![feature(setgroups)] - //! a simple shell for uploading to the orbic device. //! //! It literally just runs bash as UID/GID 0 @@ -7,23 +5,19 @@ use std::process::Command; use std::os::unix::process::CommandExt; use std::env; -const ANDROID_PARANOID_NETWORK_GROUPS: &[u32] = &[ - 3001, // AID_BT - 3002, // AID_BT_NET - 3003, // AID_INET - 3004, // AID_NET_RAW - 3005, // AID_ADMIN -]; +use nix::unistd::{Gid, Uid}; fn main() { let mut args = env::args(); + nix::unistd::setegid(Gid::from_raw(0)).expect("setegid(0) failed"); + nix::unistd::seteuid(Uid::from_raw(0)).expect("seteuid(0) failed"); + // discard argv[0] let _ = args.next(); Command::new("/bin/bash") .args(args) .uid(0) .gid(0) - .groups(ANDROID_PARANOID_NETWORK_GROUPS) .exec(); }