-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I think it will be just easier. afaik when someone really want to
exploit a app, it does not depend on the debug flag set.
On 08/29/2013 06:34 PM, Keith Makan wrote:
> replace('remote','');
>
> On Thursday, August 29, 2013 1:10:11 PM UTC+2, Keith Makan wrote:
>>
>>
>> I'm largely familiar with risk around publishing a de-buggable
>> app to the market, it basically breaks down to an attacker being
>> able to perform remote code execution and leak the values of
>> private and internal fields from the object instances and static
>> fields.
>>
>> *My questions is,* does anyone know to exploit a debuggable app
>> to uncontrolled achieve code exec?
>>
>> Regards
>>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/
iQEcBAEBAgAGBQJSH4S/AAoJEAhgHfpCPcybLCgH/jGS8yMgtsbJA+v5itRyWgQK
/hrPpQP7F5RXg7/IJReDeStvGrNan60Px/izcSDd81ANH0DWs7PJZjNOu/oyRl4P
SUb+xJqq87zaZmsY2uiMLiQyROLozDCp2jrvM5Xv+QTDMTTDh648wXIBKF2MlXjh
rgWVlK9eYud7A8SMk7pAw+F/Tr1LjHti7KhiMtJ5OFdiVh6/w6n4mpZoJPRBrUh5
cIlw0S85ODIlq2qKrLbPXnSBPMvtZ5MNEPv6hnGrE9WgnxEeYZRxyevehW4HUpc2
EJ8nrb9BFKjhTPSP+mPRQOIkZCSW0aDWuqjEQ1cgqFdvAY4c5pP14NkyoYyyCWM=
=CPb8
-----END PGP SIGNATURE-----
--
You received this message because you are subscribed to the Google Groups
"Android Security Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to android-security-discuss+unsubscr...@googlegroups.com.
To post to this group, send email to android-security-discuss@googlegroups.com.
Visit this group at http://groups.google.com/group/android-security-discuss.
For more options, visit https://groups.google.com/groups/opt_out.
