kopia lustrzana https://github.com/RootMyTV/RootMyTV.github.io
Porównaj commity
4 Commity
7f9736dbf6
...
a4fb78d749
Autor | SHA1 | Data |
---|---|---|
David Buchanan | a4fb78d749 | |
throwaway96 | 5ce894ed10 | |
David Buchanan | 6d35112527 | |
throwaway96 | 5ea5ab371f |
89
README.md
89
README.md
|
@ -1,5 +1,8 @@
|
|||
![RootMyTV header image](./img/header_logo.png)
|
||||
|
||||
> [!IMPORTANT]
|
||||
> RootMyTV is unlikely to work on your TV. [Find out why](#vulnerable).
|
||||
|
||||
RootMyTV is a user-friendly exploit for rooting/jailbreaking LG webOS smart TVs.
|
||||
|
||||
It bootstraps the installation of the [webOS Homebrew Channel](https://github.com/webosbrew/webos-homebrew-channel),
|
||||
|
@ -9,35 +12,66 @@ community-developed open source app, that makes it easier to develop and install
|
|||
|
||||
If you want the full details of how the exploit works, [skip ahead to our writeup](#research-summary-and-timeline).
|
||||
|
||||
# Is my TV vulnerable?
|
||||
# Is my TV vulnerable? (short answer: no) <a id="vulnerable"></a>
|
||||
|
||||
---
|
||||
|
||||
*Update (2022-12-24)*: **The vulnerabilities used by RootMyTV (both v1 and v2) have been patched by LG.
|
||||
**The vulnerabilities used by RootMyTV (both v1 and v2) have been patched by LG.
|
||||
RootMyTV is unlikely to work on firmware released since mid-2022.**
|
||||
If you get a `"Denied method call "download" for category "/""` error, your TV is patched.
|
||||
If your TV reboots but Homebrew Channel is not installed, it is likely patched.
|
||||
Firmware downgrades are no longer possible without already having root access.
|
||||
|
||||
---
|
||||
> [!IMPORTANT]
|
||||
> If you get a `"Denied method call "download" for category "/""` error, your TV is patched.
|
||||
> If your TV reboots but Homebrew Channel is not installed, it is likely patched.
|
||||
> Firmware downgrades are no longer possible without already having root access.
|
||||
|
||||
At the time of writing the original exploit (RootMyTV v1 - 2021-05-15), all
|
||||
webOS versions between 3.4 and 6.0 we tested (TVs released between mid-2017 and
|
||||
early-2021) are supported by this exploit chain. Around June-July 2021 LG
|
||||
started rolling out updates which added some minor mitigations that broke our
|
||||
original exploit chain.
|
||||
The following table lists the first webOS version for each year's models that is
|
||||
known to <u>**not**</u> support RootMyTV:
|
||||
| TV model year | Base webOS version | RootMyTV patched since webOS version |
|
||||
| ------------- | ------------------ | ------------------------------------ |
|
||||
| 2016 | 3.0 | 3.4.2 |
|
||||
| 2017 | 3.5 | 3.9.2 |
|
||||
| 2018 | 4.0 | 4.4.2 |
|
||||
| 2019 | 4.5 | 4.9.7 |
|
||||
| 2020 | 5 | 5.4.0 |
|
||||
| 2021 | 6 | 6.3.0 |
|
||||
|
||||
**At the time of writing (RootMyTV v2 - 2022-01-05)**, all webOS versions
|
||||
between 4.x and 6.2+ we tested (TVs released between early-2018 and late-2021)
|
||||
are supported by the new exploit chain.
|
||||
If your webOS version is equal to or greater than the version in the "patched
|
||||
since" column for your TV's model year, **your TV is not vulnerable to
|
||||
RootMyTV**. While these versions and newer are definitely patched, older
|
||||
versions may or may not work. RootMyTV never worked on webOS versions prior to
|
||||
3.4.0 or any TVs that came with webOS 1, 2, 7 (22), or 8 (23).
|
||||
|
||||
Some versions between 3.4 and 3.9 may be supported by RootMyTV v2, but your
|
||||
mileage may vary.
|
||||
<details>
|
||||
<summary>More information about webOS version numbers</summary><br>
|
||||
|
||||
Note: this versioning refers to the "webOS TV Version" field in the settings menu, *not* the "Software Version" field.
|
||||
Depending on the year a TV was released, it uses a certain range of webOS version
|
||||
numbers.
|
||||
|
||||
The versions before 2016 and after 2019 are easy to understand, since the first
|
||||
digit is used only for a single year (e.g., every 6.x.y version is for a 2021
|
||||
TV).
|
||||
|
||||
However, LG did something unusual in 2017 and 2019 by not using a new first
|
||||
digit. TVs from 2017 and 2019 started from webOS versions 3.5 and 4.5,
|
||||
respectively. For example, TVs released in 2016 will have webOS versions equal
|
||||
to or greater than 3.0.0 and less than 3.5.0; TVs released in 2017 will use
|
||||
3.5.0 up to (but not including) 4.0.0; and so on.
|
||||
|
||||
<i>Note that when trying to determine when a given webOS version was released,
|
||||
you should only compare it with version numbers from the same model year.</i>
|
||||
For example, it is safe to assume version 3.4.1 was released after 3.3.0. But
|
||||
version 3.4.2 could have been (and in fact was) released after version 4.0.0.
|
||||
|
||||
With webOS 7 in 2022, LG started using the marketing name "webOS 22"; the same
|
||||
applies to webOS 8 ("webOS 23").
|
||||
<br>
|
||||
</details>
|
||||
<br>
|
||||
|
||||
> [!NOTE]
|
||||
> This versioning refers to the "webOS TV Version" field in the settings menu, *not* the "Software Version" field.
|
||||
|
||||
*If you want to protect your TV against remote exploitation, please see the
|
||||
[relevant section](#mitigation-note) of our writeup and/or await an update from LG.*
|
||||
[relevant section](#mitigation-note) of our writeup and/or apply the latest
|
||||
firmware update for your TV.*
|
||||
|
||||
# Usage Instructions
|
||||
|
||||
|
@ -263,6 +297,21 @@ We would like to thank:
|
|||
|
||||
- LG, for patching symptoms of bugs rather than underlying causes...
|
||||
|
||||
# Historical Information
|
||||
|
||||
At the time of writing the original exploit (RootMyTV v1 - 2021-05-15), all
|
||||
webOS versions between 3.4 and 6.0 we tested (TVs released between mid-2017 and
|
||||
early 2021) were supported by this exploit chain. Around June-July 2021 LG
|
||||
started rolling out updates which added some minor mitigations that broke our
|
||||
original exploit chain.
|
||||
|
||||
When RootMyTV v2 was released (2022-01-05), all webOS versions
|
||||
between 4.x and 6.2+ we tested (TVs released between early 2018 and late 2021)
|
||||
were supported by the v2 exploit chain.
|
||||
|
||||
Some versions between 3.4 and 3.9 may be supported by RootMyTV v2, but your
|
||||
mileage may vary.
|
||||
|
||||
# The Technical Details
|
||||
|
||||
### Background
|
||||
|
|
|
@ -169,3 +169,12 @@ background-repeat: no-repeat;
|
|||
font-size: 12vw;
|
||||
}
|
||||
}
|
||||
|
||||
#patched {
|
||||
color: red;
|
||||
}
|
||||
|
||||
#patched > .code {
|
||||
font-family: monospace;
|
||||
background-color: #282828;
|
||||
}
|
||||
|
|
|
@ -25,6 +25,12 @@
|
|||
and install the <a href="https://github.com/webosbrew/webos-homebrew-channel">
|
||||
webOS Homebrew Channel.</a>
|
||||
</p>
|
||||
<p id="patched">
|
||||
If you get a <span class="code">Denied method call</span> error or your
|
||||
TV reboots but Homebrew Channel is not installed, then <b>your TV is
|
||||
patched</b>. All firmware released since mid-2022 is patched.
|
||||
There is no need to report this to us.
|
||||
</p>
|
||||
<p>
|
||||
<b>/!\ IMPORTANT /!\ :</b> Read <a href="https://github.com/RootMyTV/RootMyTV.github.io">our documentation</a>
|
||||
<b>BEFORE</b> you continue - or risk bricking your TV!
|
||||
|
|
Ładowanie…
Reference in New Issue