Completed
Deep Dive Into PendingIntent
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
A Universal Way to Exploit Android PendingIntents in High-profile and System Apps
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Agenda
- 3 Who we are
- 4 The Pendingintent API
- 5 Previous Research
- 6 Retrieving Pendingintents
- 7 Hijacking Insecure Pendingintents
- 8 Deep Dive Into PendingIntent
- 9 Hijacking Pendingintents with Implicit Base Intent
- 10 Case Studies
- 11 POC of CVE-2020-0188
- 12 CVE-2020-0389: Notification
- 13 A-166126300: MediaBrowser Service
- 14 Some High Profile Apps: AppWidgets
- 15 CVE-2020-0294: System Service
- 16 Restrictions on URI Grant from uid 1000
- 17 Hunting Insecure Pendingintents Automatically
- 18 Search APIs without IMMUTABLE
- 19 Search Empty or Implicit base Intents
- 20 Security Changes in Android 12
- 21 Security Guidelines
- 22 Final Advice