Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Typhoon Mangkhut - One-click Remote Universal Root Formed with Two Vulnerabilities

Black Hat via YouTube

Overview

Explore a 41-minute Black Hat conference talk detailing the Mangkhut exploit chain, which achieves one-click remote root access on modern Android devices using only two vulnerabilities. Dive into the intricacies of CVE-2020-6537, a Chrome vulnerability enabling arbitrary code execution in the browser render process, and CVE-2020-0423, a Binder vulnerability that escalates privileges from a sandboxed process to root. Learn how researchers Hongli Han, Rong Jian, Xiaodong Wang, and Peng Zhou overcame increasing Android security mitigations to develop this sophisticated remote root exploit chain targeting the latest Pixel devices.

Syllabus

Typhoon Mangkhut: One-click Remote Universal Root Formed with Two Vulnerabilities

Taught by

Black Hat

Reviews

Start your review of Typhoon Mangkhut - One-click Remote Universal Root Formed with Two Vulnerabilities

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.