Hey, Your Parcel Looks Bad - Fuzzing and Exploiting Parcelization Vulnerabilities in Android

Black Hat via YouTube

Overview

This 35-minute Black Hat conference talk covers Android's inter-process communication (IPC) system and the vulnerabilities that arise from parcel handling. It introduces "BadParcel" attacks, in which malformed marshalled byte streams are exploited to achieve privilege escalation, and describes the fuzzing and code auditing techniques used to uncover high-severity vulnerabilities in Android 6.0 and earlier versions. The speakers show how a zero-permission attacking application can execute code in high-privilege processes such as mediaserver and system_server, and share their experience building a custom fuzzer, integrating it with ASAN and AFL, and turning seemingly benign info-leaks into full PC control and shellcode execution. The talk also covers heap spray and memory fengshui techniques that apply to similar vulnerabilities, the inner workings of Binder, Java data boxing and unboxing, and the role of heap fengshui in exploiting these bugs.

Syllabus

Intro
Tencent KEEN Security Lab
Binder in Android - Advantages (cont.)
Key of the heart: Binder (cont.)
Conclusion
Data boxing and unboxing in Java
Fuzzing strategies of Java land (cont.)
Integration with ASAN
Example 1 (cont.)
Exploitability Analysis
Vector item
Strong Pointer (cont.)
We still need heap fengshui

Taught by

Black Hat

