Physical Attacks Against Smartphones: Android Security Vulnerabilities and Exploits

Physical Attacks Against Smartphones: Android Security Vulnerabilities and Exploits

DEFCONConference via YouTube Direct link

Overriding Init

15 of 43

15 of 43

Overriding Init

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Physical Attacks Against Smartphones: Android Security Vulnerabilities and Exploits

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Introduction
  2. 2 Case Study 1 - Rooting On A Locked Bootloader
  3. 3 Target Device
  4. 4 Disabled Bootloader Unlock
  5. 5 Finding An Exploit
  6. 6 SELinux Protection
  7. 7 Alternative Attack Vectors
  8. 8 Custom Recovery Mode
  9. 9 Finding An Update Image
  10. 10 Recovery Mode Menu
  11. 11 Root Cause Analysis
  12. 12 Exploiting Command Injection
  13. 13 Getting A Shell
  14. 14 Switching To Android
  15. 15 Overriding Init
  16. 16 Init Process
  17. 17 Shared Mounts
  18. 18 Patching out SELinux Checks
  19. 19 Fixing Kernel Panics
  20. 20 Reinitialising Services
  21. 21 Replacing Read-Only Files
  22. 22 Hidden RAMDisk
  23. 23 Case Study 2 - Exploiting An Exynos Secondary Bootloader
  24. 24 Fuzzing USB Control Transfers
  25. 25 Initial Fuzzing Attempts
  26. 26 Causing A Crash
  27. 27 Exploiting Descriptor Overwrite
  28. 28 Brute Forcing Memory
  29. 29 Dumping Memory
  30. 30 DEP Misconfiguration
  31. 31 Basic Code Execution
  32. 32 Reimplementing Boot
  33. 33 Boot Debugging
  34. 34 Kernel Execution
  35. 35 Boot Failure
  36. 36 Bootloader Threads
  37. 37 Disabling Threads
  38. 38 Aarch64 Exceptions
  39. 39 Additional Errors
  40. 40 Android Modification
  41. 41 Final Notes
  42. 42 Disclosure
  43. 43 Conclusion

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.