Share
## https://sploitus.com/exploit?id=D51CCF3E-D3E2-537D-A343-1B26C59BBDCC
![python-static-badge](https://img.shields.io/badge/Python-blue?logo=python&logoColor=white)
![android-static-badge](https://img.shields.io/badge/Android-blue?logo=android&logoColor=white)

# CVE-2024-0044

- [CVE-2024-0044](https://nvd.nist.gov/vuln/detail/CVE-2024-0044) allows a "run-as" attack to be performed, resulting in a local escalation of privileges. This enables an attacker to access private files stored locally by any application on the mobile device, compromising the security guarantees provided by the "Application Sandbox".
- Requires ADB shell access and developer mode enabled on the mobile device.
- Affects Android versions 12, 12L, 13, and 14*.
- Discovered and disclosed by [Meta Red Team X](https://rtx.meta.security/exploitation/2024/03/04/Android-run-as-forgery.html) in March 2024.
- Security patch released by Google in the [Android security bulletin of March 2024](https://source.android.com/docs/security/bulletin/2024-03-01).

# Usage

```
python cve_2024_0044.py -p target.package.name -a any-app.apk
```
![cve-2024-0044](cve-2024-0044.gif)

> [!TIP]
> For the `any-app.apk` file, any mobile application can be used, such as [F-Droid](https://f-droid.org/), for example.