Skip to content
/ DocViewerExploitApp Public

This is an Exploit App I made when solving the DocumentViewer challenge (CVE-2021-40724) from MobileHackingLab. It will download a libdocviewe_pro.so library from your local machine unto the vulnerable app's internal storage, load it upon relaunch and achieve an RCE.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tinopreter/DocViewerExploitApp

BranchesTags

Repository files navigation

DocViewerExploit App - CVE-2021-40724

This is the source code to exploiting the Document Viewer by MobileHackingLab.

About the Vulnerable App

This is an exploit app for the MobileHackingLab DocumentViewer Abdroid App Dynamic Code Loading RCE challenge. This challenge emulates CVE-2021-40724 vulnerability identified in Adobe Acrobat Reader Android app.

image

The app dynamically loads code from a library file but there exist an LFI vulnerability due to how the app handles incoming URIs with getLastPathSegment().

image image

About the Exploit App

This LFI vulnerability can be abused to write our own library files into the vulnerable app which gets loaded upon app launch.

image image

image

When our malicious library file gets loaded, our remote command gets executed

image

Reach Out to me:

tinopreter tinopreter tinopreter

About

This is an Exploit App I made when solving the DocumentViewer challenge (CVE-2021-40724) from MobileHackingLab. It will download a libdocviewe_pro.so library from your local machine unto the vulnerable app's internal storage, load it upon relaunch and achieve an RCE.

Topics

android rce pdf-reader adobe-acrobat dynamic-code-loading cve-2021-40724

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

Library file and APK Latest
Jun 15, 2025

Packages

No packages published

Languages