In this blog post, we'll cover the complete process of exploiting the TrustZone vulnerability described in the previous post. If you haven't read it already, please do!
While developing this exploit, I only had my trusty (personal) Nexus 5 device to work with. This means that all memory addresses and other specific information written below are taken from that device.
In case anyone wants to recreate the exact research described below, or for any other reason, the exact version of my device at the time was:
With that out of the way, let's get right to it!