From 676f63cfe98a860d0f6ff643e933275bdcd0e650 Mon Sep 17 00:00:00 2001 From: s0urce-c0de Date: Mon, 9 Dec 2024 10:21:01 -0800 Subject: [PATCH] blu --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1183896..fc88433 100644 --- a/README.md +++ b/README.md @@ -205,7 +205,7 @@ Admins may want to prevent user enrollment to better control their devices. This By navigating to **Devices > Chrome > Settings > Users & browsers** and then looking for the **Enrollment permissions** tab, admins can set the polcy to **Do not allow users in this organization to enroll new or re-enroll existing devices** to disable user enrollment. > [!WARNING] -> **THIS HAS ONLY BEEN PARTIALLY TESTED:** It may be possible on unenrolled Chromebooks with developer mode enabled to run `vpd—i RW_VPD -s check_enrollment=1` in VT2 to bypass policy and re-enroll. An exploit kit named Rigtoolsv2 also claims to have functionality called `Riienrollment`, which can also bypass enrollment policy set in the admin console. +> **THIS HAS ONLY BEEN PARTIALLY TESTED:** It may be possible on unenrolled Chromebooks with developer mode enabled to run `vpd -i RW_VPD -s check_enrollment=1` in VT2 to bypass policy and re-enroll. An exploit kit named Rigtoolsv2 also claims to have functionality called `Riienrollment`, which can also bypass enrollment policy set in the admin console. ## sh1mmer sh1mmer is an exploit that takes advantage of how factory shims are verified for the device. By only checking the kernel signature, it was possible to modify the normal shim image to allow users to manipulate the device.