A stupid exploit discovered by a hacker over at XDA Developers lets users run self-developed apps at OEM app level privileges and that too without involving a lot of technicalities.
DJAmol, the hacker who discovered the flaw, found that by simply replacing the contents within an OEM app folder that has been moved to an SD card with those of the third-party app will enable users to run the latter with OEM level app privileges.
For example, if you move the Glance Background app to the SD card and using a file explorer like Pocket File Manager delete the contents of the directory under Glance Background and paste over the contents of a third-party app e.g. registry editor, you will have all the access that the Glance Background app has.
Hackers haven’t been able to escalate the exploit to a full interop unlock because apps moved to an SD card have limited access, but it is a matter of time before someone finds out a way to circumvent that as well. Another thing is that the exploit is limited to smartphones support an external card. Handsets that don’t support SD card expansion like Lumia 925 are immune to the hack.
You can find more information on XDA Developers.
I’ll have to look at XDA but on my 1520, nothing shows up under the individual app folders. Are they saying you can delete the app folder, create a new one with the same name, then paste in a third party app?
I think what is happening is if you remove the SD card (that has an app installed on it), you can then tweak directories on that SD card. I haven’t investigated further myself. But from what I am reading into it, in order to do the exploit, you would have to install an app, move it to the SD card, remove the SD card, insert the SD card into a PC or something, replace files on the SD card, replace the SD into the phone, then run the app from SD on the phone.
at least that is what I am reading into it.
Did you ensure that your app package navigation page as listed in “WPAppManifest.xml” is the same as that in the target app?