Author Topic: Android Master Key Vulnerability—PoC  (Read 1659 times)

0 Members and 1 Guest are viewing this topic.

Offline Axon

  • VIP
  • King
  • *
  • Posts: 2047
  • Cookies: 319
    • View Profile
Android Master Key Vulnerability—PoC
« on: September 01, 2013, 10:51:16 am »

The recently discovered master key vulnerability in Android has given a jolt to the Android team and other parties involved. This vulnerability allows attackers to inject malicious code into legitimate Android applications without invalidating the digital signature. It’s very easy for hackers and attackers to take advantage of this vulnerability and exploit it.




So let’s look into what the issue is, how hackers can exploit it, and what needs to be done to fix it.



http://resources.infosecinstitute.com/android-master-key-vulnerability-poc/


« Last Edit: September 01, 2013, 10:51:41 am by Axon »

Offline Deque

  • P.I.N.N.
  • Global Moderator
  • Overlord
  • *
  • Posts: 1203
  • Cookies: 518
  • Programmer, Malware Analyst
    • View Profile
Re: Android Master Key Vulnerability—PoC
« Reply #1 on: September 02, 2013, 10:45:34 am »
Wow, that's pretty easy to exploit. Thanks for the link. Was an interesting read.

Offline Axon

  • VIP
  • King
  • *
  • Posts: 2047
  • Cookies: 319
    • View Profile
Re: Android Master Key Vulnerability—PoC
« Reply #2 on: September 02, 2013, 02:08:33 pm »
Wow, that's pretty easy to exploit. Thanks for the link. Was an interesting read.


You are more than welcome ma'am. :D