legacy_native/jni/headers/exploit.h
/*
 * Numeric identifiers, one per exploit entry (contiguous values 0..9).
 * The names are codenames only; this header does not say which driver or
 * flaw each one corresponds to.
 * NOTE(review): presumably these match exploit.id and/or the position of the
 * entry in exp_list[] -- neither mapping is visible here; confirm against the
 * definition of exp_list.
 */
#define SAM_EXP 0
#define ARAGORN_EXP 1
#define GIMLI_EXP 2
#define MERRY_EXP 3
#define FRODO_EXP 4
#define LEGOLAS_EXP 5
#define GANDALF_EXP 6
#define BOROMIR_EXP 7
#define BOROMIR2_EXP 8
#define BOROMIR3_EXP 9
// Exploit struct: descriptor for one entry. It groups the target device, two
// file descriptors, the mmap/dump parameters and three callbacks, each of
// which receives a pointer to this same descriptor.
struct exploit {
int id; // Exploit id (presumably one of the *_EXP constants -- confirm)
// Device driver. NOTE(review): presumably the path of the device node that is
// opened into fd; ownership of the string is not stated in this header.
char* dev; // Device driver
int fd; // Device file descriptor
int fd2; // Additional file descriptor
unsigned long offset; // Offset for mmap
// NOTE(review): the length is a signed int. If it is ever passed where a
// size_t is expected, a negative value converts to a very large size; verify
// that users of this field range-check it.
int length; // Dump length
// NOTE(review): "modified" is not explained here; possibly the value that
// set_offset() writes -- confirm against its implementation.
unsigned long start_offset; // Offset modified
// Per-phase callbacks. Invocation order, return convention and whether a
// NULL pointer is permitted are not visible in this header; the names suggest
// pre_init -> init -> finalize -- TODO confirm in the caller.
int (*pre_init)(struct exploit *exp);
int (*init) (struct exploit *exp);
int (*finalize)(struct exploit *exp);
};
// Table of pointers to exploit descriptors, defined in another translation unit.
// NOTE(review): no element count or terminator is declared here, so code that
// iterates or indexes the table depends on a bound established elsewhere --
// confirm before indexing with a *_EXP value.
extern struct exploit* exp_list[];
// Set the kernel base addr in the exploit struct
// NOTE(review): which field receives it (offset or start_offset) and the
// meaning of the int result are not visible in this header.
int set_offset(struct exploit *exp);
// The prototypes below share the signature of the pre_init/init/finalize
// callbacks in struct exploit and are presumably installed there by the
// exp_list definition -- confirm. Their return convention is not visible here.
int init_aragorn(struct exploit *exp);
int sleep_func(struct exploit *exp);
int finalize_exynos(struct exploit *exp);
int init_frodo(struct exploit *exp);
int init_legolas(struct exploit *exp);
int pre_init_gandalf(struct exploit *exp);
int init_gandalf(struct exploit *exp);
// Payload hook. NOTE(review): args is presumably the number of entries in cmd
// -- confirm. The function returns void, so a failure inside the payload
// cannot be reported back to the caller.
void exec_payload(int args, char **cmd); // Define here the payload you need to execute as root