Jump to content


Photo

Towelroot exploit?

towelroot avast lookout malware warning

  • Please log in to reply
11 replies to this topic

#1 perdroidus

perdroidus

    n00b

  • Members
  • Pip
  • 14 posts
  • Current Device(s):Droid Razr Maxx HD

Posted 24 July 2014 - 02:33 AM

    My Motorola XT926 with 4.4.2 (haven't been OTA pushed to 4.4.4 yet) is unlocked and rooted thanks to guidance on this forum.  I used Towelroot, Moto-pocalypse and then SuperSU to try to control app root access. 

    My question is: since a bunch of articles recently are warning about the "Towelroot exploit" and both my Avast and Lookout antivirus modules yell that Towelroot is a Trojan/malware, should I freeze or uninstall Towelroot?  If I do will that unroot me? ( I doubt it, just looking for confirmation.) 

    Also, will removing Towelroot from my device solve the exploit problem?  I sort of doubt that, too, since the issue seems to be root access not the program itself that helped provide same.  Is this correct of not?

     I'm guessing that it's ok to delete Towelroot (although if an OTA comes along may that become a problem?) and to be extra careful about what to let SuperSU give access to.

    I'd appreciate some expert input on the Towelroot-malware warning issue.   Many thanks...



#2 livinginkaos

livinginkaos

    I don't know what I'm doing anymore.....

  • Administrator
  • 15,282 posts
  • Google+:Hangouts - livinginkaos@gmail.com
  • LocationOregon
  • Current Device(s):Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7

Posted 24 July 2014 - 04:51 AM

Once you are unlocked, you don't need towel root.

Sent from my S-Offed One M8


b2wvCBn.png

Sig by livinginkaos
Samsung S8+ / Pixel XL 128gb / iPhone 7+ 256gb / iPad Pro 12.9" / Samsung Chromrbook Plus / Pixel C / Nexus 6p 128gb / Nexus 6 / Nexus 6 on Fi / Nexus 9 / Moto 360^2 / Nvidia Shield TV Pro / Nvidia Shield Tablet / HTC EVODesign on FreedomPop / Chromecast / Surface Pro 3 i7 / Samsung Tab Pro 12.2 / Lenovo Win8 Tab / Eee Slate / '13 Nexus 7


#3 ibolski

ibolski

    Droid Master

  • Dedicated Supporter
  • PipPipPip
  • 535 posts
  • Twitter:iBolski
  • Google+:Ivan Samuelson
  • LocationColumbus, Ohio
  • Current Device(s):Samsung Galaxy S7

Posted 24 July 2014 - 05:08 AM

BTW, there is no 4.4.4 update. The latest soak is still on 4.4.2, but it does include 4.4.4 security patches.


VZW Samsung Galaxy S7 Stock and unrooted running Marshmallow 46A, 32gb Nexus 7 unlocked
2cqd4t2.png


#4 SamuriHL

SamuriHL

    Android Warrior

  • Smod
  • 44,199 posts
  • Current Device(s):S21 Ultra, Pixel 6

Posted 24 July 2014 - 05:26 AM

Please Login or Register to see this Hidden Content


Non potest esse nisi unus


#5 SamuriHL

SamuriHL

    Android Warrior

  • Smod
  • 44,199 posts
  • Current Device(s):S21 Ultra, Pixel 6

Posted 24 July 2014 - 05:27 AM

To answer your question, though, you should remove towel root.  As long as SuperSU replaced the su binary, you're fine.  But yes, you should be careful what you grant root to.


Non potest esse nisi unus


#6 RikRong

RikRong

    Cap'n Slow

  • Superuser
  • 2,117 posts
  • LocationNoDak
  • Current Device(s):Pixel 7

Posted 24 July 2014 - 08:39 AM

Towelroot is an exploit, as such, you AV software will probably flag it.  There's nothing malicous with root [exploits], but they will allow you to do a lot of bad things to your phone, if you're not careful.


R. Long: Pixel 5

 


#7 SamuriHL

SamuriHL

    Android Warrior

  • Smod
  • 44,199 posts
  • Current Device(s):S21 Ultra, Pixel 6

Posted 24 July 2014 - 08:59 AM

Towelroot is an exploit, as such, you AV software will probably flag it.  There's nothing malicous with root [exploits], but they will allow you to do a lot of bad things to your phone, if you're not careful.

 

I need to correct you here as this is extremely wrong.  Towel root....you installed an app on your phone, ran it, and pressed a magical button that installed unmanaged root on your phone.  Other than installing, loading, and pressing the button on the app, there was no other interaction by you. Now let's decide I'm a malware author.  I decompile towel root, pull out the guts of it, stick it in an app called "Free Understated Collateral Knowledge".apk.  I tell you this app will search vast knowledge bases to find intelligent answers to your most undying questions.  You sideload my app.  And you run it.  And you find out....it points you to google.com. So you uninstall my app.  However, what you didn't know is that I installed an unmanaged root exploit using towel root's root mechanism (hey, I skipped the whole press the button to make it work thing....how nice of me) and then used unmanaged root to blast a ton of malware onto your device.  You're welcome!  :)

 

Think that's impossible?  It's not.  Not even close.  Root exploits are the same exploits malware authors use to infect your phone.  To say there's nothing malicious is naive because it's all a matter of perspective and who's exploiting it.  It's a security hole, plain and simple.  Yes, it gives you root in a nice easy to use press the button app.  But, it can also open you up to nasty crap just as easily....if not more easily.


  • RikRong likes this

Non potest esse nisi unus


#8 perdroidus

perdroidus

    n00b

  • Members
  • Pip
  • 14 posts
  • Current Device(s):Droid Razr Maxx HD

Posted 24 July 2014 - 09:00 AM

Thanks!



#9 mamawm

mamawm

    Droid Master

  • Members
  • PipPipPip
  • 396 posts
  • Google+:martha holcomb
  • Locationnortheast mississippi
  • Current Device(s):moto xpe 2015

Posted 24 July 2014 - 10:07 AM

Well, maybe I should uninstall towelroot off this g2. Thanks Sam for that explaination.

#10 SamuriHL

SamuriHL

    Android Warrior

  • Smod
  • 44,199 posts
  • Current Device(s):S21 Ultra, Pixel 6

Posted 24 July 2014 - 10:22 AM

I just want to be clear...towel root itself is not the problem.  it is not a malicious app.  It's designed for rooting your phone in a controlled manner.  I.E. you have to DO something to root your phone with towel root.  My warning is about the vulnerability that towel root uses to gain root access.  That same vulnerability can be exploited maliciously to install malware on your device.  I recommended removing towel root to the OP poster because they are running a version of Android that is no longer vulnerable to towel root's exploit.  IOW, there's no reason to keep it on their phone.  In fact, once you root with towel root, there's no reason to keep it on period.  You've already achieved root.


Non potest esse nisi unus


#11 RikRong

RikRong

    Cap'n Slow

  • Superuser
  • 2,117 posts
  • LocationNoDak
  • Current Device(s):Pixel 7

Posted 24 July 2014 - 07:08 PM

Yeah, maybe I didn't phrase that correctly, but see exactly what you are saying. It was the same reason I had troubles downloading the tools to root the Droid I picked up to mess around with last year. My PCs AV kept flagging the exploits and stopping my DL. Sorry if I misled anyone.😃 Sent from my HTC6525LVW using Tapatalk
  • SamuriHL likes this

R. Long: Pixel 5

 


#12 SamuriHL

SamuriHL

    Android Warrior

  • Smod
  • 44,199 posts
  • Current Device(s):S21 Ultra, Pixel 6

Posted 29 July 2014 - 04:55 AM

Please Login or Register to see this Hidden Content

 

See my point?


  • ibolski, livinginkaos and RikRong like this

Non potest esse nisi unus





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users