Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Let's Play - Applanting

Black Hat via YouTube

Overview

Explore a groundbreaking attack methodology called APPLANTING in this Black Hat EU 2013 conference talk. Delve into the world of mobile security vulnerabilities as Ajit Hatti demonstrates how attackers can install malicious apps on Android devices without user knowledge. Learn about the combination of CSRF and clickjacking techniques used to become a "man in the mobile" and carry out further damage. Examine the complexities of mobile platform security, the trade-offs between convenience and safety, and the challenges faced by app stores in preventing such attacks. Gain insights into authentication issues, the concept of phones as personal identities, and potential vectors for exploitation. Understand the implications of this attack on user privacy, data security, and the broader cybersecurity landscape.

Syllabus

Introduction
Disclaimers
Brief Introduction
Null Khan
Two questions
Why I wrote this paper
Authentication
Phone is your Identity
Playground
App ID
What can we do
Install by Script
Install by Rogue
Facebook
App Store
Play Store
Is it useful
Other vectors
The problem
The challenge
App foking
Googles headache
Password compromise
Captain Cool
Google Play

Taught by

Black Hat

Reviews

Start your review of Let's Play - Applanting

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.