Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization

by Nan Zhang
Sept. 15, 2017 1 comment www.blackhat.com belen_caty

In this talk, we will show that such flaws can have serious security implications: a malicious app can acquire critical system capabilities by pretending to be the owner of an attribute that is used on a device even though the party defining it does not exist there because of vendor customizations. On the factory images of the 97 most popular Android devices, we discovered 21557 likely Hare flaws, demonstrating the significant impact of the problem, from stealing the user's voice notes, controlling the screen unlock process, and replacing Google Email's account settings to injecting messages into the Facebook app and Skype. We will also show a set of new techniques we developed for automatically detecting Hare flaws within different Android versions, which can be utilized by device manufacturers and other parties to secure their custom OSes. And we will provide guidance for avoiding this pitfall when building future systems.
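The kind of check the abstract describes, sketched for one attribute type: this is an added example, not the speakers' detection tool. It assumes the attribute is an Android permission and that each package's manifest on the image has already been decoded to text XML; all package and permission names are constructed.

```python
import xml.etree.ElementTree as ET

NS = "http://schemas.android.com/apk/res/android"
A = "{%s}" % NS
# Manifest attributes through which a component names the permission that guards it.
GUARD_ATTRS = ("permission", "readPermission", "writePermission")

# Constructed sample: decoded manifests of every package on one hypothetical image.
MANIFESTS = {
    "framework-res": f'<manifest xmlns:android="{NS}" package="android">'
                     '<permission android:name="android.permission.INTERNET"/></manifest>',
    "notes": f'<manifest xmlns:android="{NS}" package="com.example.notes">'
             '<uses-permission android:name="android.permission.INTERNET"/>'
             '<application><provider android:name=".NotesProvider"'
             ' android:authorities="com.example.notes"'
             ' android:readPermission="com.example.vendor.permission.READ_NOTES"/>'
             '</application></manifest>',
    "mail": f'<manifest xmlns:android="{NS}" package="com.example.mail">'
            '<uses-permission android:name="com.example.sync.permission.ACCESS"/>'
            '<application><service android:name=".SyncService"'
            ' android:permission="com.example.sync.permission.ACCESS"/>'
            '</application></manifest>',
}

def find_hanging_permissions(manifests):
    """Return {permission: [(package, role), ...]} for every permission that
    some package references but no package on the image defines."""
    defined, refs = set(), []
    for source, xml_text in manifests.items():
        root = ET.fromstring(xml_text)
        pkg = root.get("package", source)
        for el in root.iter():
            if el.tag == "permission":            # definition of the attribute
                defined.add(el.get(A + "name"))
            elif el.tag == "uses-permission":     # reference: app requests it
                refs.append((el.get(A + "name"), pkg, "requests"))
            for attr in GUARD_ATTRS:              # reference: component relies on it
                if el.get(A + attr):
                    refs.append((el.get(A + attr), pkg, "guards <%s>" % el.tag))
    hanging = {}
    for perm, pkg, role in refs:
        if perm and perm not in defined:
            hanging.setdefault(perm, []).append((pkg, role))
    return hanging

if __name__ == "__main__":
    for perm, users in find_hanging_permissions(MANIFESTS).items():
        print(perm, "->", users)
```

A "guards" entry is the case to prioritise in review: the component trusts a permission that nothing on the image owns, so the definition has to be restored or the reference removed before the image ships.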


Steven Ulm 9 months ago

Sorry mate, I can't really make my mind through this article. I know that you probably have good intentions in sharing it with us, but it is very hard to follow...