• Home
Name Date Size #Lines LOC

..--

app/com/android/google/tools/security/shell_as/06-Sep-2024-299

shell-code/06-Sep-2024-606243

Android.bpD06-Sep-20243.1 KiB108102

AndroidManifest.xml.templateD06-Sep-20241.1 KiB3416

OWNERSD06-Sep-202472 53

README.mdD06-Sep-2024853 3425

command-line.cppD06-Sep-20247.9 KiB211173

command-line.hD06-Sep-20241.3 KiB378

context.cppD06-Sep-20244.3 KiB13997

context.hD06-Sep-20242.3 KiB7226

elf-utils.cppD06-Sep-20242.8 KiB9055

elf-utils.hD06-Sep-20241.2 KiB368

execute.cppD06-Sep-202414.6 KiB383234

execute.hD06-Sep-20241.2 KiB368

gen-manifest.shD06-Sep-20241.4 KiB4414

registers.hD06-Sep-20241.2 KiB4518

shell-as-main.cppD06-Sep-20242.8 KiB9468

shell-as-test-app-key.pk8D06-Sep-20241.2 KiB

shell-as-test-app-key.x509.pemD06-Sep-20241.4 KiB2524

shell-code.cppD06-Sep-20243.1 KiB8644

shell-code.hD06-Sep-20241.3 KiB4113

string-utils.cppD06-Sep-20242 KiB7343

string-utils.hD06-Sep-20241.7 KiB5111

test-app.cppD06-Sep-20243.9 KiB13785

test-app.hD06-Sep-20241 KiB327

README.md

1# shell-as
2
3shell-as is a utility that can be used to execute a binary in a less privileged
4security context. This can be useful for verifying the capabilities of a process
5on a running device or testing PoCs with different privilege levels.
6
7## Usage
8
9The security context can either be supplied explicitly, inferred from a process
10running on the device, or set to a predefined profile.
11
12For example, the following are equivalent and execute `/system/bin/id` in the
13context of the init process.
14
15```shell
16shell-as \
17    --uid 0 \
18    --gid 0 \
19    --selinux u:r:init:s0 \
20    --seccomp system \
21    /system/bin/id
22```
23
24```shell
25shell-as --pid 1 /system/bin/id
26```
27
28The "untrusted-app" profile can be used to execute a binary with all the
29possible privileges attainable by an untrusted app:
30
31```shell
32shell-as --profile untrusted-app /system/bin/id
33```
34