EvilZone

Hacking and Security => Mobile Hacking => Android => Topic started by: Axon on September 01, 2013, 10:51:16 AM

Title: Android Master Key Vulnerability—PoC
Post by: Axon on September 01, 2013, 10:51:16 AM

The recently discovered master key vulnerability in Android has given a jolt to the Android team and other parties involved. This vulnerability allows attackers to inject malicious code into legitimate Android applications without invalidating the digital signature. It’s very easy for hackers and attackers to take advantage of this vulnerability and exploit it.




So let’s look into what the issue is, how hackers can exploit it, and what needs to be done to fix it.



http://resources.infosecinstitute.com/android-master-key-vulnerability-poc/ (http://resources.infosecinstitute.com/android-master-key-vulnerability-poc/)

Title: Re: Android Master Key Vulnerability—PoC
Post by: Deque on September 02, 2013, 10:45:34 AM

Wow, that's pretty easy to exploit. Thanks for the link. Was an interesting read.

Title: Re: Android Master Key Vulnerability—PoC
Post by: Axon on September 02, 2013, 02:08:33 PM

Quote from: Deque on September 02, 2013, 10:45:34 AM

Wow, that's pretty easy to exploit. Thanks for the link. Was an interesting read.

You are more than welcome ma'am. :D