Category: Android

22 articles
Date Tue 08 April 2025
Author Jérémy Jourdois
Category Android

A signature verification bypass in a function that verifies the integrity of ZIP archives in the AOSP framework

Date Tue 15 October 2024
Authors Maxime Rossi Bellom, Raphaël Neveu
Category Android

We discovered several vulnerabilities impacting the boot chain of several Samsung devices. Chained together, they allow us to execute code in the bootloader, get root access on Android with persistency, and finally leak anything from the Secure World's memory including the Android Keystore keys.

Date Tue 06 February 2024
Author Eric Le Guevel
Category Android

Study of an Android runtime (ART) hijacking mechanism for bytecode injection through a step-by-step analysis of the packer used to protect the DJI Pilot Android application.

Date Mon 14 August 2023
Authors Maxime Rossi Bellom, Damiano Melotti
Category Android

Join us in our journey into modern Android's Data Encryption at rest, in which we study how it works and assess how resistant it is against attackers having access to a range of high-end software vulnerabilities.

Date Thu 27 April 2023
Author Eric Le Guevel
Category Android

This article is about greybox fuzzing of userland targets that can be encountered in Android using AFL++ and its Frida mode. We also discuss how to target JNI functions, to test the native features invoked by Java code.

Date Thu 11 August 2022
Authors Damiano Melotti, Maxime Rossi Bellom
Category Android

Following our presentation at Black Hat USA, in this blog post we provide some details on CVE-2022-20233, the latest vulnerability we found on Titan M, and how we exploited it to obtain code execution on the chip.

Date Tue 26 April 2022
Author Alexis Challande
Category Android

In this blog post, we present a new vulnerability dataset composed of thousands of vulnerabilities aimed at helping security practitioners to develop, test and enhance their tools. Unlike others, this dataset contains both the vulnerable and fixed states with source data.

Date Thu 03 February 2022
Author Benoît Forgette
Category Android

When analyzing an Android application, we often end up playing with the Smali intermediate representation... Way more human readable than the binary DEX code itself, but still not that user friendly. This blog post gives some guidelines on how to read Smali, and start writing your own Smali code!

Date Thu 04 March 2021
Author Eric Le Guevel
Category Android

A quick introduction to Android Emuroot, a Python script that lets you get root privileges on the fly on an Android Virtual Device (AVD). It explains the reverse engineering steps needed for the script to work with recent AVDs and provides a preview of specific Linux kernel structures in memory.

Date Tue 04 August 2020
Author Tom Czayka
Category Android

This blog post dives into how to get a better understanding of an Android native function by taking full advantage of both Frida and QBDI.