On Thu, Aug 29, 2013 at 10:26 AM, Mario Ballano <mball...@gmail.com> wrote:
> You can apparently connect to the @jdwp-control unix socket from within a > third app to take control over the debuggable app: > > > https://labs.mwrinfosecurity.com/blog/2011/07/07/debuggable-apps-in-android-market/ > This was fixed a long time ago. https://android.googlesource.com/platform/dalvik/+/d53c7efac74f2c690a86871f160a0f36fbc069ef saurik's notes on his implementation of the cydia-impactor exploit may also > come in helpful: > > http://www.saurik.com/id/17 > This presupposes a pre-existing root compromise, which is already a violation of the Android security model. > > > see how he gets to call exec() on the Java Runtime. > > Mario > > > > On 29 August 2013 17:34, Keith Makan <k3170ma...@gmail.com> wrote: > >> replace('remote',''); >> >> >> On Thursday, August 29, 2013 1:10:11 PM UTC+2, Keith Makan wrote: >>> >>> >>> I'm largely familiar with risk around publishing a de-buggable app to >>> the market, >>> it basically breaks down to an attacker being able to perform remote >>> code execution >>> and leak the values of private and internal fields from the object >>> instances and static fields. >>> >>> *My questions is,* does anyone know to exploit a debuggable app to >>> uncontrolled achieve code exec? >>> >>> Regards >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Android Security Discussions" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to android-security-discuss+unsubscr...@googlegroups.com. >> To post to this group, send email to >> android-security-discuss@googlegroups.com. >> Visit this group at >> http://groups.google.com/group/android-security-discuss. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to android-security-discuss+unsubscr...@googlegroups.com. > To post to this group, send email to > android-security-discuss@googlegroups.com. > Visit this group at > http://groups.google.com/group/android-security-discuss. > For more options, visit https://groups.google.com/groups/opt_out. > -- Nick Kralevich | Android Security | n...@google.com | 650.214.4037 -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+unsubscr...@googlegroups.com. To post to this group, send email to android-security-discuss@googlegroups.com. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/groups/opt_out.
