Andr´ Moulu e amoulu@quarkslab.com
Android introduction
Android security model
Methodology
Plan
1
Context and objectives
2
Android introduction
3
Android security model
4
Methodology
5
Toward a backdoor without permission
6
Post-exploitation
7
Scope of the vulnerabilities
8
Conclusion
Toward a backdoor without permission
Post-exploitation
Android introduction
Android security model
Methodology
Toward a backdoor without permission
Context and objectives
Why Android?
Most used mobile OS
Security often questioned because of many malwares
Unofficial markets (warez)
Show off how an application without any permission can take control of a smartphone
Post-exploitation
Android introduction
Android security model
Methodology
Toward a backdoor without permission
Post-exploitation
Context and objectives
Targeted user
Security aware user
Doesn’t use alternative markets
Checks permissions before installing an application
Targeted smartphone
Samsung Galaxy S3 (I9300)
50 millions copies sold (March 2013)
Actually, the Samsung frontend on the I9300
Some of these applications may also be present on other models
Some vulnerabilities may impact other models (S2, S4, Note 1/2, ...)
The vulnerable applications can’t be deleted without root access
Android introduction
Android security model
Methodology
Plan
1
Context and objectives
2
Android introduction
3
Android security model
4
Methodology
5
Toward a backdoor without permission
6
Post-exploitation
7
Scope of the vulnerabilities
8
Conclusion
Toward a backdoor without permission
Post-exploitation
Android introduction
Android security model
Methodology
Toward a backdoor without permission
Plan
1
Context and objectives
2
Android introduction
Android