by Wen Xu
In recent months, we focus on bug hunting to achieve root on android devices. Our kernel fuzzing, leaded by @wushi, generated a lot of crashes and among them, we found a kernel Use-After-Free bug which lies in all versions of Linux kernel and we successfully take advantage of it to root most android devices on the market nowadays, even for the 64-bit ones.
We leverage this bug to root whatever android devices of whatever brands. And also we are the first one in the world, as far as we are aware, rooting the 64-bit android device by taking advantage of a kernel memory corruption bug. The related kernel exploitation method is unique.
In this talk, we will explain the root cause of this UAF bug and also the methods used to exploit it. We will demonstrate how we can fill the kernel memory once occupied by the vulnerable freed kernel object with fully user-controlled data by spraying and finally achieved arbitrarily code execution in kernel mode to gain root. All our spraying methods and exploiting ways apply to the latest Android kernel, and we also bypass all the modern kernel mitigations on Android device like PXN and so on. Even introduced 64-bit address space fails to stop our rooting. And a very important thing is that the rooting is stable and reliable. Actually, we will present a common way to exploit android kernel Use-After-Free bug to gain root. We will also cover some new kernel security issue on the upcoming 64-bit android platform in the future.
Ah! Universal Android Rooting Is Back blackhat 2015 |
| 43 Likes | 43 Dislikes |
| 2,589 views views | 117K followers |
| People & Blogs | Upload TimePublished on 29 Dec 2015 |
Related keywords
- infosec news
- information security manager
- blackhat asia 2019
- blackhat 2019
- infosec twitter
- blackhat 2018
- black hat seo technique
- blackhat europe
- blackhat badger sekiro
- black hat x reader
- black hat cartoon
- black hat x dr flug
- cyber securityとは
- blackhat conference 2019
- cyber security cloud
- black hat full movie
- blackhat badger
- blackhat forum
- information security foundation 勉強
- infosec rotkreuz
- cyber security framework
- information security policy template
- infosecurity utrecht
- infosec ups system
- cyber security news
- cyber security act
- infosecurity
- blackhat full movie
- infosec blog
- black hat badger
- information security foundation 参考書
- information security management system
- cyber security conference
- black hat seo
- cyber security pro
- black hat movie
- blackhat imdb
- infosec podcast
- black hat cast
- cyber security pro 新しいネットワークが検出されました
- cyber security cloud managed rules
- cyber security measures
- information security governance
- infosec global
- infosecurity europe 2020
- infosec health
- infosec magazine
- information security 日本語
- infosec 19
- black hat anime
- information security foundation
- infosecurity magazine
- cyber security tokyo
- black hat meaning
- black hatch
- information security definition
- information security pdf
- infosec europe 2019
- cyber security market
- infosec institute
- infosec 2019 london
- information security foundation 難易度
- black hatch gamefowl
- cyber security management system
- information security certifications
- blackhat film
- cyber security pro アンインストール
- information security specialist
- cyber security 意味
- cyber security analyst
- information security policy
- black hat usa 2019
- information security forum
- information security news
- infosec conferences
- information security officer
- infosekta
- cyber security japan
- blackhat trailer
- information security analyst
- cyber security university
- black hat hacker
- black hat forum
- cyber security company
- black hat hacking
- black hat villainous
- blackhat conference
- information security foundation based on iso/iec 27001
- blackhat usa
- cyber security report
- blackhatworld
- black hat x demencia
- information security management
- blackhat cast
- black hat 2019
- infosec reactions
Không có nhận xét nào:
Đăng nhận xét