Overview
Syllabus
Introduction
Outline
Two types of vulnerabilities
Most security mechanisms of Android
Recent Android vulnerabilities
Conclusions
Towelroot
PingPong Root
Pipe Root
Public POC
Root Apps
Google Chrome
Chemi
Ghost Push
Dark Spectres
Why
Long pattern chain
Device fragmentation
Google stats
Chinese stats
Capability mismatch
Security vendors
Limitations
Solution
Version Magic
Module Structure Check
Bypass Kernel Module Authentication
Circle Injection
Memory Allocation
From User Memory
Branch
No explicit operation
Optimization
Limitations of current solutions
Famous vulnerabilities
Most popular devices
Demos
Next steps
Call out
Ecosystem
Ecosystem Alignment
Questions
Taught by
Hack In The Box Security Conference