Unprotected Broadcasts in Android 9 and 10

Overview

Explore a critical vulnerability in Android versions 9, 10, and 11 Developer Preview that allowed unauthorized apps to send protected broadcast Intent messages. Delve into the systemic flaw that granted protection only to apps installed in specific file system locations, compromising the security of the Android operating system. Learn about the discovery process, the implications for system and privileged pre-installed apps, and the potential for malicious exploitation. Examine the vulnerability details, including the PackageManager Service in Android 10, and understand the exploitation workflow using examples like the QMMI app. Gain insights into the fix implemented to address this (un)protected broadcast vulnerability and its impact on Android security.

Syllabus

Intro
App Components Android apps are composed of app components
Who can send protected broadcasts?
Which app directories can ...?
PackageManager Service Android 10
PresencePolling app Overview Communication Services (RCS)
Perfdump app Vulnerability Details
QMMI app - Exploitation Workflow
The (un)protected broadcast fix

Taught by

Black Hat

Reviews

Start your review of Unprotected Broadcasts in Android 9 and 10

Coursera Cuts Jobs Despite $100M Revenue Milestone

Most common

Popular subjects

Popular courses

Unprotected Broadcasts in Android 9 and 10

Overview

Syllabus

Taught by

Reviews

Coursera Cuts Jobs Despite $100M Revenue Milestone

Taught by

Start Arbitrary Activity App Components as the System User Vulnerability Affecting Samsung Android

Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android

Android - One Root to Own Them All

Into the Core - In-Depth Exploration of Windows 10 IoT Core

Never Stop Learning.