Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Unprotected Broadcasts in Android 9 and 10

Black Hat via YouTube

Overview

Explore a critical vulnerability in Android versions 9, 10, and 11 Developer Preview that allowed unauthorized apps to send protected broadcast Intent messages. Delve into the systemic flaw that granted protection only to apps installed in specific file system locations, compromising the security of the Android operating system. Learn about the discovery process, the implications for system and privileged pre-installed apps, and the potential for malicious exploitation. Examine the vulnerability details, including the PackageManager Service in Android 10, and understand the exploitation workflow using examples like the QMMI app. Gain insights into the fix implemented to address this (un)protected broadcast vulnerability and its impact on Android security.

Syllabus

Intro
App Components Android apps are composed of app components
Who can send protected broadcasts?
Which app directories can ...?
PackageManager Service Android 10
PresencePolling app Overview Communication Services (RCS)
Perfdump app Vulnerability Details
QMMI app - Exploitation Workflow
The (un)protected broadcast fix

Taught by

Black Hat

Reviews

Start your review of Unprotected Broadcasts in Android 9 and 10

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.