DUMPit is an exploit for SHAREit mobile app abusing two recently discovered vulnerabilities affecting SHAREit Android application <= v 4.0.38. The first one allows an attacker to bypass SHAREit device authentication mechanism, and the other one enables the authenticated attacker to download arbitrary files from the user’s device. Both vulnerabilities were reported to the vendor and patches have been released.

• Full writeup

To launch the exploit server with GUI (Tested on windows,linux)

python server.py

To launch the autopwn module (Works on linux only)

python autopwn.py

Usage of this tool for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.