Fairly new security researcher in need of YOUR HELP! Please read!

#1

I spent a bit of time this morning reading through various forum posts and did not see anywhere this type of post would not be allowed. MODS forgive me if it isn’t allowed.

The title says it all.

A little background first. I am a 32-year-old living in Phoenix, AZ. Besides having been in the military at a younger age, I have been around technology my whole life and electronic engineering is in my blood!

For the last decade or so I have been really into Android. At first I was a bit apprehensive and was more of a lurker in the community. About 6 years ago is when I became more of an active developer. I have self-taught my way through Android. At first it was simple ROMs and scripts. I have delved into APK building, theming (the hard way, before overlays and theme engines) and, in the past year, security research.

I reside in the USA and have had big red as my carrier for the last 8 years. I mainly work on Samsung Snapdragon devices. Most know big red (and now seemingly all US carriers) tend to lock down the bootloaders, making it difficult for end users like myself who want root and freedom to develop on devices I fully own. Hence why I made the move to security research, as it is something I am passionate about.

In the past 2 or 3 years I have met some great developers and consistently gained more knowledge and experience.

The first security exploit I was involved in (as an observer and tester mostly) was for the LG V20. Dirty COW was used to overwrite the device’s firmware with user debug firmware, which of course led to unlocking the bootloader.

After that I moved back to Samsung and got the S8+. I spent countless hours on this device. In the end it paid off. We were able to root the device using a few exploits. We first had to flash ENG firmware which wasn’t enough by itself. We had to exploit the setsid binary to launch an unstable, tethered root shell. We then pushed a root script into uevent helper so the root script was executed by the kernel. This method I dubbed SamPWND root. Of course this was quickly patched. After this I had a helping hand in the method called SamFAIL which involved flashing a pre-rooted system in ODIN. It would secure check fail but since it was such a large partition it would write to the device before it crashed. This was eventually patched as well.

My next exploit, which I reported to Samsung, ended up being a critical vulnerability. It was similar to SamFAIL except it involved another partition. This partition was not checked during the flashing process and thus I could modify it and flash in ODIN without a failure. The other exploit used in conjunction with this was there were some init scripts that were executed by init I had to modify so init would execute and install root for me. This was of course patched.

My most recent exploit works on just about all the Samsung devices including both Exynos and SD chipsets. This again involves a script that is world readable/writable and can be executed with a simple setprop command. The initial script is executed as system user. This isn’t high enough so I daisy chain it. Use system script to modify another script that is executed as root user on a reboot. Now we have a script executed as root user to do as we want. This exploit has been reported to Samsung who is in the process of patching it.

As you can see, I have been busy learning and then implementing those skills to find exploits. It is very fun!

This brings me to this post and again, I apologize in advance if this is not allowed. My laptop is severely underpowered and unable to keep up with the advancements in technology. I have been plagued with system failures, drives going out, overheating etc., which is making it increasingly difficult for me to continue my hobby. It got to the point where (unsuccessfully) I resorted to booting Windows on ARM on a Raspberry Pi 3 B+ just so I can have something to flash my device in the event of a brick (which happens often when searching for exploits) due to my PC no longer being reliable.

I currently have a relative in the hospital who is dying and won’t be around much longer, and any money I make at my day job barely gets us by on the bills. This means I have no way to upgrade or purchase a new PC anytime soon, which has sidelined me and my hobby.

I searched for ways to get money or a new laptop but so far have been unsuccessful. Someone suggested I set up a GoFundMe which I didn’t know was a thing until yesterday. Doing a bit of research and creating a campaign I soon realized it will be a difficult task. It is all about crowd sourcing. I quickly realized there aren’t too many developers or patrons in this community just browsing around GoFundMe so my campaign would most likely fail on launch day due to no traffic and whoever did look at it might not understand the concept at all and simply ignore it.

Then I got to thinking where I can find other developers and people who understand my plight and the first thing that popped in my head was Bugcrowd. After all, it is a crowd source with people just like me doing the same things I love to do and want to continue to do.

I figured why not give it a shot. Below I will post a link to my GoFundMe and hopefully some of you can see it in your hearts to help out a fellow developer in need! If not I understand as I clearly am financially strapped myself.

If you are unable to help out with funds then please share my story on your social media platforms and hopefully soon I will be able to get back to it!

Thanks for taking the time out of your day to hear my story and happy BUG HUNTING!

GoFundMe: https://www.gofundme.com/71mq7q0

0 Likes

#2

I don’t understand this post. You literally live in the most prosperous country in the world, and you are asking for money to buy a computer. I don’t get it.
Where I live, I have to pay 200% of what you pay in the USA for a computer.

Maybe it is a scam or I’m missing something.

0 Likes

#3

It is clearly not a scam.

Just because someone lives in America doesn’t mean they are rich and do not have a difficult time getting by. We have a lot of homeless people in our country.

I support multiple family members and have a low paying job so it is not easy for me to get things such as a new computer.

I am not telling people to support my cause but if they choose to then it would be greatly appreciated. Everyone is entitled to their opinions and to choose what or who they want to support.

I am sorry to hear you pay 200% more than Americans do for computers. With the amount of money I get and need to spend on necessities I have no money left over for a computer. If I got paid well and had to pay 200% then I would and wouldn’t need any help but that is not the case unfortunately and is quite the opposite.

0 Likes

#4

I don’t want to waste your time or fill this forum with a discussion unrelated to bug bounties. This is a public forum but I think it’s not the right place to say what I said in my previous reply. My apologies.

0 Likes

#5

Have you ever done any mobile bug bounties? Might help earn some extra money 🙂

1 Like

#6

Yes, last year I did a Samsung bounty. It was labeled critical. I believe it was a 2500$ reward (1900$ or so after taxes and fees.)

I also have another in the reward phase that was rated high, but it takes a long time from reporting to reward so not sure how much or when it will pay out.

Last year I used reward money towards new test devices (Note 9 and Tab S4) which led to the most recent submission.

It is a constant battle to do anything with my current laptop. Not enough RAM is causing me to BSOD constantly and when it doesn’t crash it takes forever to do anything outside simple scripting stuff. I even got an SSD which didn’t help much.

It would be easier if my MB wasn’t maxed out already and I could simply upgrade parts here n there but not an option unfortunately.

I haven’t got a single donation yet lol, it was worth a shot. My grandfather passed away this morning so I have shifted my efforts towards that and funeral costs for the time being, I’ll worry about a computer some other time. It’s just one thing after another this year.

0 Likes

#7

Very sorry to hear that 🙁 I wish you the best, on all fronts 🙏

1 Like

#8

Thank you sir! It’ll all work out in the long run. One day I’ll be able to quit my call center job and work for a real company and make some real money!

Just gotta keep on keepin on

1 Like