Certifi-Gate: Front-Door a Access to Pwning Millions of Androids

by Ohad Bobrov, Avi Bashan
Sept. 18, 2017 1 comment www.blackhat.com belen_caty Pen Testing & Audits

In this session, Lacoon researchers will walk through the technical root cause of these responsibly-disclosed vulnerabilities including hash collisions, IPC abuse and certificate forging which allow an attacker to grant their malware complete control of a victims device. We'll explain why these vulnerabilities are a serious problem that in some ways can't be completely eliminated, show how attackers exploit them, demonstrate an exploit against a live device, and provide remediation advice.

https://www.blackhat.com/us-15/briefings.html#certifi-gate-front-door-access-to-pwning-millions-o...

Avatar
Steven Ulm 2 months, 3 weeks ago

Good title, good article :) Thanks for sharing it with us !

Reply