Fusée Gelée
The Fusée Launcher is a proof-of-concept arbitrary code loader for a variety of Tegra processors, which takes advantage of CVE-2018-6242 ("Fusée Gelée") to gain arbitrary code execution and load small payloads over USB.
Cost / License
- Free
- Open Source
Platforms
- Mac
- Windows
- Linux
- BSD
- Python
Features
Tags
- payload-launcher
Fusée Gelée News & Activities
Recent activities
Fusée Gelée information
Developed by
QyriadLicensing
Open Source (GPL-2.0) and Free product.Written in
Alternatives
9 alternatives listedSupported Languages
- English
What is Fusée Gelée?
The Fusée Launcher is a proof-of-concept arbitrary code loader for a variety of Tegra processors, which takes advantage of CVE-2018-6242 ("Fusée Gelée") to gain arbitrary code execution and load small payloads over USB.
The vulnerability is documented in the 'report' subfolder; more details and guides are to follow! Stay tuned... Use Instructions
The main launcher is "fusee-launcher.py". Windows, Linux, macOS and FreeBSD are all natively supported! Instructions for Windows specifically can be found on the wiki.
With a Tegra device in RCM and connected via USB, invoke the launcher with the desired payload as an argument, e.g. ./fusee-launcher.py payload.bin. Linux systems currently require either that the Tegra device be connected to an XHCI controller (used with blue USB 3 ports) or that the user has patched their EHCI driver. Credits
Fusée Gelée (CVE-2018-6242) was discovered and implemented by Kate Temkin (@ktemkin); its launcher is developed and maintained by Mikaela Szekely (@Qyriad) and Kate Temkin (@ktemkin).