IonStack - Nebula Security
IonStack
The first browser-to-kernel full-chain RCE on Android 17
Source code will be publicly available in
01234567890123456789Days
01234567890123456789Hours
01234567890123456789Minutes
01234567890123456789Seconds
Check our open source code<br>github.com/NebuSec/CyberMeowfia
A series of write-ups is coming soon.
Step 1: Download vulnerable Firefox 151<br>fenix-151.0.multi.android-arm64-v8a.apk (archive.mozilla.org)
Step 2: Live PWN<br>rootme.nebusec.ai/b9e3f1a4-7c82-4d6e-9a51-2f8c4b3e0d17
List of supported kernel
Expected result:
If your kernel is marked Supported , Step 2 should give you root and change your wallpaper as the visible success signal.
If it is not supported yet, the phone will crash and reboot instead, without damaging the device. You can also modify the exploit yourself to support your device.
Warning: Experimental Kernel Exploit
By clicking “Step 2”, you acknowledge and agree that this website will run an open-source kernel exploit on your device.
If successful, the exploit may perform the following actions:
Create temporary files inside Firefox’s private data storage.
Write files to /bin/su and /data/local/tmp/su.
Modify your device wallpaper.
Make system-level changes that may affect device stability.
This kernel exploit is experimental and may be unstable. It could cause unexpected behavior, crashes, data corruption, or permanent data loss.
Before continuing, you should:
Back up all important data.
Understand that this action may modify your device at the system level.
Proceed only on a device that you own or have explicit permission to test.
Accept full responsibility for any damage, instability, or data loss that may occur.
Do not continue unless you fully understand the risks.
I understand the risks and agree to run the exploit on this device.
Cancel<br>Continue to Step 2
Device not supported yet
Step 2 does not currently support PC or iOS devices. Please use a supported Android browser from the list, or build it yourself from<br>source code.
Close