Samsung S25 Vulnerability Research

This repo hosts the supporting material for the blog posts describing our research on the Samsung Galaxy S25.

You can read them here:

• Shoot for the Galaxies: Our Samsung S25 1-click RCE Journey
• Here We Go Again: A Five-Bug Chain to Arbitrary APK Install on Samsung S25

This repo contains:

• 1click-rce: exploit and MITM setup script for the RCE exploit
• local-apk-install: exploit and APK signature generation script for the local APK install

Instructions are available in each subfolder.