Description: A brief video demo of two unpatched Android vulnerabilities: a permission escalation allowing the installation of applications with arbitrary permissions without user approval; and a privilege escalation targeting Android's Linux kernel that allows an unprivileged application to gain root access.
Zach and I will be covering these vulnerabilities and a wide range of other mobile security topics in our SOURCE Barcelona training course this November titled "TEAM JOCH Presents: Lessons In Mobile Penetration Testing".
More information about our mobile security training course at SOURCE Barcelona is available here: http://www.sourceconference.com/barcelona/training.asp
Tags: android , smartphone , root , vulnerability , device , exploit , mobile security ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
that's all just plain sexy. nice work. if i could afford the trip and training i would do it. keep up the great work.
one question: do you have a stance on the NDK opening additional exploitation vectors? I can't imagine it being otherwise, but i also have received limited feedback on this approach.
Damn this is hood, i would really love to come but i'm currently busy in Work.
I really hope you can provide and online training for this ?