fastboot oem vuln: Android Bootloader Vulnerabilities in Vendor Customizations
Abstract
We discuss the fastboot interface of the Android bootloader, an area of fragmentation in Android devices. We then present a variety of vulnerabilities we have found across multiple Android devices. The most notable include Secure Boot and Device Locking bypasses in the Motorola and OnePlus 3/3T bootloaders. Another critical flaw in the OnePlus 3/3T enables easy attacks by malicious chargers: the only prerequisite is that a powered-off device be connected. An unexpected attack vector in the Nexus 9 is also shown: malicious headphones. Other discovered weaknesses allow for data exfiltration (including a memory dump of a Nexus 5X device), enablement of hidden functionality such as access to the device’s modem diagnostics and AT interfaces, and attacks against internal System-on-Chips (SoCs) found on the Nexus 9 board.
Similar resources
USB Connection Vulnerabilities on Android Smartphones: Default and Vendors' Customizations
We expose a USB vulnerability in some vendors’ customization of the Android system, where the serial AT commands processed by the cellular modem are extended to allow other functionalities. We target that vulnerability for the specific vendor system and present a proof of concept of the attack in a realistic scenario environment. For this we use an apparently inoffensive smartphone charging st...
Rooting of Android Devices and Customized Firmware Installation and its Calibre
When we use a mobile device which runs Android, we usually look for the basic features such as call, texting, gaming, internet browsing, camera and music. However, Android devices can be made more powerful and their power can be utilized in a larger scale once they have been rooted. Keywords-Root, Rooting, Android, Recovery, Bootloader,
Kratos: Discovering Inconsistent Security Policy Enforcement in the Android Framework
The Android framework utilizes a permission-based security model, which is essentially a variation of the ACL-based access control mechanism. This security model provides controlled access to various system resources. Access control systems are known to be vulnerable to anomalies in security policies, such as inconsistency. In this work, we focus on inconsistent security enforcement within the ...
Forensic Recovery of Scrambled Telephones
At the end of 2011, Google released version 4.0 of its Android operating system for smartphones. For the first time, Android smartphone owners were supplied with a disk encryption feature that transparently scrambles user partitions, thus protecting sensitive user information against targeted attacks that bypass screen locks. On the downside, scrambled telephones are a nightmare for IT forens...
A Review on Android Authentication System Vulnerabilities
Mobile security has become a crucial aspect of mobile computing. People are maintaining their confidential and valuable information on smart phones. Most users and businesses use smart phones as message tools, and as a means of scheduling and establishing their work and private life. Smart phones contain an increasing amount of exposed information to which access must be prohibited. But security...