├── README.md ├── default_config.json5 └── payloads ├── generic_dump_payload.bin ├── generic_reboot_payload.bin ├── mt6735_payload.bin ├── mt6737_payload.bin ├── mt6750_payload.bin ├── mt6765_payload.bin ├── mt6771_payload.bin ├── mt6785_payload.bin ├── mt8127_payload.bin ├── mt8163_payload.bin ├── mt8173_payload.bin └── mt8695_payload.bin /README.md: -------------------------------------------------------------------------------- 1 | ### Supported SoCs 2 | - mt6735 3 | - mt6750 4 | - mt6765 5 | - mt6771 6 | - mt6785 7 | - mt8127 8 | - mt8163 9 | - mt8173 10 | - mt8695 11 | -------------------------------------------------------------------------------- /default_config.json5: -------------------------------------------------------------------------------- 1 | { 2 | "0x321": { // mt6735 3 | "watchdog_address": 0x10212000, 4 | "var_0": 0x10, 5 | "var_1": 0x28, 6 | "payload": "mt6735_payload.bin" 7 | }, 8 | 9 | "0x335": { // mt6737 10 | "watchdog_address": 0x10212000, 11 | "var_0": 0x10, 12 | "var_1": 0x28, 13 | "payload": "mt6737_payload.bin" 14 | }, 15 | 16 | "0x326": { // mt6750 17 | "payload": "mt6750_payload.bin" 18 | }, 19 | 20 | "0x766": { // mt6765 21 | "var_0": 0x2C, 22 | "var_1": 0x25, 23 | "payload": "mt6765_payload.bin" 24 | }, 25 | 26 | "0x788": { // mt6771 27 | "var_0": 0x20, 28 | "payload": "mt6771_payload.bin" 29 | }, 30 | 31 | "0x813": { // mt6785 32 | "var_0": 0x20, 33 | "payload": "mt6785_payload.bin" 34 | }, 35 | 36 | "0x8163": { // mt8163 37 | "var_1": 0xB1, 38 | "payload": "mt8163_payload.bin" 39 | }, 40 | 41 | "0x8695": { // mt8695 42 | "payload": "mt8695_payload.bin" 43 | }, 44 | 45 | "0x8172": { // mt8173 46 | "payload": "mt8173_payload.bin", 47 | "payload_address": 0x120A00 48 | }, 49 | 50 | "0x8127": { // mt8127 51 | "payload": "mt8127_payload.bin" 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /payloads/generic_dump_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/generic_dump_payload.bin -------------------------------------------------------------------------------- /payloads/generic_reboot_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/generic_reboot_payload.bin -------------------------------------------------------------------------------- /payloads/mt6735_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt6735_payload.bin -------------------------------------------------------------------------------- /payloads/mt6737_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt6737_payload.bin -------------------------------------------------------------------------------- /payloads/mt6750_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt6750_payload.bin -------------------------------------------------------------------------------- /payloads/mt6765_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt6765_payload.bin -------------------------------------------------------------------------------- /payloads/mt6771_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt6771_payload.bin -------------------------------------------------------------------------------- /payloads/mt6785_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt6785_payload.bin -------------------------------------------------------------------------------- /payloads/mt8127_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt8127_payload.bin -------------------------------------------------------------------------------- /payloads/mt8163_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt8163_payload.bin -------------------------------------------------------------------------------- /payloads/mt8173_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt8173_payload.bin -------------------------------------------------------------------------------- /payloads/mt8695_payload.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bkerler/exploits_collection/1fd89ec89127ece34507150ff614a16914af9a21/payloads/mt8695_payload.bin --------------------------------------------------------------------------------