Android - One Root to Own Them All

Black Hat via YouTube

Overview

Explore the technical intricacies of Android security bug 8219321 in this Black Hat USA 2013 conference talk. Delve into the vulnerability that allows APK code modification without breaking cryptographic signatures, potentially leading to system access and control. Learn how the bug was discovered, how an exploit was created, and why it works across various Android devices. Gain insights into the Android security model, platform signing, and exploitation techniques. Examine the impact on city infrastructure, the ease of exploitation, and other related security issues. Understand the timeline of disclosure, end-user risks, and the role of security scanners. Discover why this vulnerability affects so many devices and the implications for Android security.

Syllabus

Introduction
What is Android
How did we find this bug
How do we get signatures
Zip file format
Java verifier
Postmortem
Android Security Model
System
Platform sign
How to exploit
Exploit payload
Merge apks
Exploit lock loaded
More fun stuff
System level access
City Impactor
Easy to exploit
Other bugs
RSA verification
Bluebox disclosure
Java vs C
Signed vs unsigned
Android Security Blog
Timeline
End user risk
Security scanner
Why are so many
Bluebox
Thank you

Taught by

Black Hat
