Explore the intricacies of Android's intent-based information exchange system and learn about the "Dirty Stream Attack" in this 42-minute conference talk. Dive into how malicious applications can exploit vulnerabilities in receiving apps that blindly trust incoming streams without proper validation. Discover the similarities between this attack and file upload vulnerabilities in web applications. Examine real-world examples of susceptible apps with millions of installations on Google Play Store. Gain insights into creating malicious content providers, triggering attack flows, and choosing effective payloads. Understand the risks of misconfigured content providers and potential code execution vulnerabilities. Learn essential security measures to protect share targets and prevent unauthorized access to sensitive user data.
Dirty Stream Attack - Turning Android Share Targets To Attack Vectors
Overview
Syllabus
Intro
Intents in a nutshell
Content Providers (Server)
File Providers (server)
Content providers - Security
Handling a stream
Dirty stream attack
Creating a malicious provider
Carrying The payload
Triggering the flow
Choosing the payload
Misconfigured content providers
Code Execution
Dynamic Module delivery in a nutshell
Securing Share Targets
Taught by
nullcon
