android-installer-hijacking-vulnerability (WOOYUN)

Category: WooYun-Zone

瘦蛟舞 (popular science is a public service) | 2015-03-25 16:22

Original article: http://researchcenter.paloaltonetworks.com/2015/03/android-installer-hijacking-vulnerability-could-expose-android-users-to-malware/

The vulnerability is essentially a Time-of-Check to Time-of-Use (TOCTTOU) race: it exploits the timing gap to pull a switch, replacing the application being installed after PackageInstaller has checked its permissions but before the app is actually installed.

Detection tool:
https://github.com/PaloAltoNetworks-BD/InstallerHijackingVulnerabilityScanner

Patched in 4.3 and later:
https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/2b3202c3ff18469b294629bf1416118f12492173
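An added example of the race described in the post, written for this page and not taken from the post, from the Palo Alto Networks writeup, or from the Android source. It models the installer in Python with a toy "APK" (a zip whose AndroidManifest.xml is plain XML; real APKs use binary XML and are signed, which does not change the race) that sits in a directory any app can write to, standing in for external storage. The vulnerable installer reads the manifest from that path to show the user the permissions, then reads the same path again to install, so an attacker who rewrites the file in between gets a different permission set installed than the one the user approved. The hardened installer stages a copy in a private directory, binds the user's consent to the digest of that copy, and installs from the copy. The staging-plus-digest mitigation is the general fix for this class of bug and is my illustration; it is not a claim about what the linked Android commit does. All file names, permission sets and the consent policy are constructed for the demo.

```python
"""Toy model of the Android installer-hijacking TOCTOU race (constructed example)."""
import hashlib
import os
import shutil
import tempfile
import zipfile
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
BENIGN = ["android.permission.INTERNET"]
MALICIOUS = ["android.permission.INTERNET", "android.permission.READ_CONTACTS",
             "android.permission.SEND_SMS"]


def make_apk(path, permissions):
    """Write a toy APK: a zip whose AndroidManifest.xml is plain XML.
    (Real APKs carry binary XML and a signature; neither matters for the race.)"""
    perms = "".join(f'<uses-permission android:name="{p}"/>' for p in permissions)
    manifest = (f'<manifest xmlns:android="{ANDROID_NS}" package="com.example.app">'
                f"{perms}</manifest>")
    with zipfile.ZipFile(path, "w") as z:
        z.writestr("AndroidManifest.xml", manifest)


def read_permissions(path):
    """Parse the manifest inside the zip and return the requested permissions, sorted."""
    with zipfile.ZipFile(path) as z:
        root = ET.fromstring(z.read("AndroidManifest.xml"))
    return sorted(e.get(f"{{{ANDROID_NS}}}name") for e in root.iter("uses-permission"))


def sha256_file(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()


def user_consents(shown):
    """Stand-in for the permission screen: this user only accepts INTERNET-only apps."""
    return shown == BENIGN


def vulnerable_install(apk_path, attacker_hook):
    """Check and use on the same attacker-writable path: the pattern the post describes."""
    shown = read_permissions(apk_path)        # time of check: what the user is shown
    if not user_consents(shown):
        return None
    attacker_hook()                           # window: the attacker replaces the file at apk_path
    granted = read_permissions(apk_path)      # time of use: whatever is on disk now gets installed
    return {"shown": shown, "granted": granted}


def hardened_install(apk_path, attacker_hook, private_dir):
    """Stage the APK where the attacker cannot write, then check and use only the staged copy."""
    staged = os.path.join(private_dir, "staged.apk")
    shutil.copyfile(apk_path, staged)
    approved_digest = sha256_file(staged)     # bind the user's consent to these exact bytes
    shown = read_permissions(staged)
    if not user_consents(shown):
        return None
    attacker_hook()                           # the public copy changes; the staged copy does not
    if sha256_file(staged) != approved_digest:
        raise RuntimeError("APK changed after consent; aborting install")
    granted = read_permissions(staged)
    return {"shown": shown, "granted": granted}


def run_demo():
    """Run both installers against the same swap-after-consent attacker; return both outcomes."""
    with tempfile.TemporaryDirectory() as public, tempfile.TemporaryDirectory() as private:
        apk = os.path.join(public, "app.apk")  # stands in for /sdcard: readable and writable by others

        def attacker():
            make_apk(apk, MALICIOUS)          # swap the file the moment the user has approved it

        make_apk(apk, BENIGN)
        vuln = vulnerable_install(apk, attacker)
        make_apk(apk, BENIGN)                 # reset the public copy for the second run
        safe = hardened_install(apk, attacker, private)
    return vuln, safe


if __name__ == "__main__":
    v, s = run_demo()
    print("vulnerable:", v)
    print("hardened:  ", s)
```

In the vulnerable run the user sees INTERNET only but SEND_SMS and READ_CONTACTS end up in the installed set; in the hardened run the installed permissions equal the approved ones because nothing the attacker can write is read after the consent step. The digest check is belt-and-braces: it also catches the case where the private staging directory itself is compromised.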
