Is Android hacking only limited to payload installation? (For Ethical/Educational Purposes only) – Digitalmunition





This topic contains 1 reply, has 2 voices, and was last updated by  luigivampa92 1 month, 3 weeks ago.

  • #333782

    anonymous
    Participant

    I am a beginner to ethical hacking and was recently reading about Android exploits. All I can see are payload methods (installing an app). Is this the only way to break through the system? Or are there other tried and tested ways to exploit Android mobile devices?

  • #333783

    luigivampa92

    Not sure about best practices, because I do it mostly out of curiosity, but there is a large attack surface on devices that have their bootloader unlocked, and because of that they have their system integrity protection mechanisms disabled. I tried to make my own daemons that run at the system level (not the app level), gather information and send it to my server. The most ironic thing is that most such devices out there are devices with LineageOS installed or with root gained via Magisk, and people often install Magisk or LineageOS to get rid of Google and feel more private, safe and secure, but by doing so they expose themselves to a huge number of threats they don’t even expect. It is the payload method as well, but the payload is different.

    There were ways to break into the system through vulnerabilities in Chrome or WebView, but Google quickly patches such things.

    There was a huge Stagefright library vulnerability that allowed RCE on a device without any victim interaction by just sending an MMS message.

    There was an RCE via the Bluetooth stack, also with no user interaction, and it was recent, February 2020, if I remember that right.
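
Added example, not part of the post above: a defender-side check for the condition the reply describes (unlocked bootloader, integrity protection off), run over the output of `adb shell getprop`. The two property dumps are constructed samples, and the function names are this example's own.

```python
import re

# `getprop` prints one property per line as: [key]: [value]
PROP_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>.*)\]$")

def parse_getprop(dump):
    """Turn a `getprop` dump into a {key: value} dict, skipping other lines."""
    props = {}
    for line in dump.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group("key")] = m.group("value")
    return props

def integrity_findings(props):
    """Return human-readable findings; an empty list means nothing was flagged."""
    findings = []
    state = props.get("ro.boot.verifiedbootstate")
    if state == "orange":
        findings.append("verified boot: orange (bootloader unlocked)")
    elif state == "red":
        findings.append("verified boot: red (verification failed)")
    elif state == "yellow":
        findings.append("verified boot: yellow (locked, user-set signing key)")
    elif state != "green":
        findings.append("verified boot state not reported")
    if props.get("ro.boot.flash.locked") != "1":
        findings.append("bootloader unlocked or lock state not reported")
    # veritymode is only judged when the device reports it
    verity = props.get("ro.boot.veritymode")
    if verity is not None and verity != "enforcing":
        findings.append("dm-verity mode is '%s', not enforcing" % verity)
    if props.get("ro.debuggable") == "1":
        findings.append("debuggable build (ro.debuggable=1)")
    if "test-keys" in props.get("ro.build.tags", ""):
        findings.append("build signed with test keys")
    return findings

# Constructed sample dumps (not taken from real devices)
LOCKED = """[ro.boot.verifiedbootstate]: [green]
[ro.boot.flash.locked]: [1]
[ro.boot.veritymode]: [enforcing]
[ro.debuggable]: [0]
[ro.build.tags]: [release-keys]"""
UNLOCKED = """[ro.boot.verifiedbootstate]: [orange]
[ro.boot.flash.locked]: [0]
[ro.boot.veritymode]: [disabled]
[ro.debuggable]: [1]
[ro.build.tags]: [test-keys]"""
```

These properties are reported by the device itself, so a rooted device can present altered values; hardware-backed key attestation, which carries the verified boot state in its root-of-trust data, is the stronger signal for fleet checks.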

  • #333784

    Gypsyx007

    There are many attack vectors for Android. APKs are just the easiest.

    Search for “Android” on [https://www.exploit-db.com/](https://www.exploit-db.com/) – Here you’ll find tons of local/remote/DoS attacks and more.

    You can see the exploit code to ascertain what is being abused. Usually it’s a weakness in an app instead of the OS, but you still find those; they are harder to come by, though.
