Why are Frida and QBDI a Great Blend on Android?

This blog post dives into how to get a better understanding of an Android native function by taking full advantage of both Frida and QBDI.

more ...

A Glimpse Into Tencent's Legu Packer

Analysis of Tencent Legu: a packer for Android applications.

more ...

CM Browser: HTTPS URL Leak

This blog post presents a vulnerability which affects the widely installed Android web browser.

more ...

Android Native Library Analysis with QBDI

This blog post deals with QBDI and how it can be used to reverse an Android JNI library

more ...

Android Application Diffing: Analysis of Modded Version

This blog post is about detecting modifications between genuine and repackaged applications.

more ...

Android Application Diffing: CVE-2019-10875 Inspection

This blog post is about examining an Android security patch and understanding how it mitigates the vulnerability.

more ...

Android Application Diffing: Engine Overview

This blog post is about how to efficiently spot code mutations between distinct versions of an Android application.

more ...

A Story About Three Bluetooth Vulnerabilities in Android

Earlier this year, on March 2018, we published a blog post detailing 2 vulnerabilities in the Android Bluetooth stack, which were independently discovered by Quarkslab, but were fixed in the March 2018 Android Security Bulletin while we were in the process of reporting them to Google.

more ...

Android Bluetooth Vulnerabilities in the March 2018 Security Bulletin

The March 2018 Android Security Bulletin includes fixes for 10 vulnerabilities in its Bluetooth stack, some of which were also independently discovered by Quarkslab, but were fixed while we were in the process of reporting them to Google (spoiler alert: we have reported a few more new Bluetooth vulnerabilities to the Android team — we'll disclose the details after they get fixed). This blogpost shows technical details for a couple of these fixed bugs, which can be triggered remotely and without any user interaction, as well as proof-of-concept code for them.

more ...

Remote Code Execution as System User on Android 5 Samsung Devices abusing WifiCredService (Hotspot 2.0)

This article explains a recently disclosed vulnerability, independently discovered by the Google's Project Zero team and by Quarkslab some months ago. To our knowledge, this vulnerability was present, on all Samsung devices using Android 5, and allowed remote code execution as system user simply by browsing a website, by downloading an email attachment or via a malicious third party application with no permission.

more ...