Merge branch 'master' of https://github.com/flankerhqd/bindump4j

README.md

@@ -1,6 +1,8 @@
+# What's Bindump4j for
+
 Vendor binder services proved to be an interesting part of android devices nature. They usually remains close-source, but sometimes open attack surface for privilege escalation. Namely examples like SVE-2016-7114 (By @laginimaineb), CVE-2018-9143 and CVE-2018-9139 (By @flanker_hqd) and so on, which are all memory corruption vulnerabilities.
 
-# Locating interesting binder service processes
+## Locating interesting binder service processes
 
 Before Android N, all binder services were registered to `servicemanager`, and communicated with each other under `/dev/binder`. After Android N, binder domains are splitted to normal domain under `/dev/binder`, vendor domain under `/dev/vndbinder`, and hardware domain under `/dev/hwbinder`. Normal untrusted_app access is restricted to `/dev/binder`.
 
@@ -32,4 +34,4 @@ If you would like to craft your own binary, just refer to `compile.sh`. Note to
 On Windows CMD sometimes the console display messed up. Maybe because windows console cannot property handle `\t`
 
 # Usage In Action
-In a following post I'll describe how we analyze and fuzz vendor binder services to find various vulnerabilities, e.g. CVEs mentioned above.
+In a following post I'll describe how we analyze and fuzz vendor binder services to find various vulnerabilities, e.g. CVEs mentioned above.