Explore a critical security vulnerability in Android's intent-based information exchange system in this 32-minute Black Hat conference talk. Dive into the intricacies of how Android applications use intents for file sharing and messaging, focusing on the ACTION_SEND action for stream forwarding. Learn about the potential risks associated with both implicit and explicit intents, and how attackers can exploit exported components. Discover the "Dirty Stream Attack" technique presented by Dimitrios Valsamaras, which turns Android share targets into attack vectors. Gain insights into the security implications of Android's intent resolver and manifest filters. Access the full abstract and presentation materials to deepen your understanding of this Android security threat and its potential impact on mobile application development and user safety.
Dirty Stream Attack - Turning Android Share Targets Into Attack Vectors
Overview
Syllabus
Dirty Stream Attack, Turning Android Share Targets Into Attack Vectors
Taught by
Black Hat
Related Courses
-
Dirty Stream Attack - Turning Android Share Targets To Attack Vectors
-
Honey, I Shrunk the Attack Surface - Adventures in Android Security Hardening
-
Sidewinder Targeted Attack Against Android in the Golden Age of Ad Libs
-
Stagefright - Scary Code in the Heart of Android
-
Start Arbitrary Activity App Components as the System User Vulnerability Affecting Samsung Android
-
Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android
