Android KeyStore Permission Bypass

Posted by deepcore on February 7, 2018 – 12:09 pm

The keystore binder service (“android.security.IKeystoreService”) allows users to issue several commands related to key management, including adding, removing, exporting and generating cryptographic keys. The service is accessible to many SELinux contexts, including application contexts, but also unprivileged daemons such as “media.codec”. A permission bypass vulnerability exists in the KeyStore service due to getpidcon.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« WINCVS 2009R2 DLL Hijacking Joomla! Zh GoogleMap 8.4.0.0 SQL Injection »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Android KeyStore Permission Bypass

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL