New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check for Pending Intents #2285

Open

cpholguera opened this issue Oct 17, 2022 · 0 comments

Labels

Android MASVS-PLATFORM

Collaborator

cpholguera commented Oct 17, 2022

Add theory about "Pending Intents" to 0x5h.

Add test case to check for vulnerable pending intents.

Originally suggested in #1962 (comment)
look for https://www.blackhat.com/eu-21/briefings/schedule/index.html#re-route-your-intent-for-privilege-escalation-an-universal-way-to-exploit-android-pendingintents-in-high-profile-and-system-apps-24340. They will report a new vector on how to get access to providers via PendingIntents (a lot of apps are vulnerable to that right now!)

cpholguera added Android MASVS-PLATFORM labels

su-vikas mentioned this issue

Add Test for Android Pending Intents to 0x05h #2300

Merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment