Unix Domain Socket: A Hidden Door Leading to Privilege Escalation in the Android Ecosystem

preview_player
Показать описание
Unix domain socket (UDS) is an important inter-process communication (IPC) mechanism in the Android ecosystem. It can transfer IPC data safely with its access control strategies. In general, third-party applications cannot directly communicate with UDS services because of the restriction of SELinux. Thus, vendors often ignore the security of UDS services. Worse still, they may introduce additional vulnerabilities into UDS from insecure design, implementation, and misconfiguration. As a result, UDS becomes a hidden attack surface that can cause privilege escalation in the Android ecosystem....

By: Dongxiang Ke, Lewei Qu, Han Yan & Daozheng Lin

Full Abstract & Presentation Materials:
  1. Black Hat
Рекомендации по теме
Unix Domain Socket: 0:43:08

Unix Domain Socket: A Hidden Door Leading to Privilege Escalation in the Android Ecosystem

The Superpower of 1:20:00

The Superpower of Unix Sockets

C++ : How 0:01:14

C++ : How to connect to an unix domain socket with boost::asio?

Sniff UNIX domain 0:02:20

Sniff UNIX domain socket (3 Solutions!!)

C# : How 0:01:14

C# : How to connect to a Unix Domain Socket in .NET Core in C#

Unix & Linux: 0:03:00

Unix & Linux: Unix Domain Socket bind, reuse address (2 Solutions!!)

PYTHON : What's 0:01:04

PYTHON : What's the correct way to use a unix domain socket in requests framework?

Windows : How 0:01:24

Windows : How to tunnel remote UNIX socket on Windows machine

Django : curl-like 0:01:29

Django : curl-like tool for wsgi over unix domain socket

R : How 0:01:35

R : How to connect to a Unix domain (AF_UNIX) socket in R language?

C# : What 0:01:10

C# : What mechanism is used by MSYS/Cygwin to emulate Unix domain sockets?

Django : Gunicorn 0:01:38

Django : Gunicorn - Where do Unix sockets come from?

MySQL : FluentMySQL 0:01:06

MySQL : FluentMySQL connection using Unix Socket

NodeJS : Node 0:01:25

NodeJS : Node Express Unix Domain Socket Permissions

NodeJS : unix 0:01:37

NodeJS : unix sockets on nodeJs

Unix & Linux: 0:01:32

Unix & Linux: Performance of unix sockets vs TCP ports (2 Solutions!!)

MySQL : Force 0:01:08

MySQL : Force MySQL to use only unix socket

Day in My 0:00:46

Day in My Life as a Quantum Computing Engineer!

C++ : Is 0:01:02

C++ : Is AF_UNIX socket send thread safe?

MySQL : JDBC 0:01:21

MySQL : JDBC MySQL connection using Unix Socket

C++ : unix 0:01:23

C++ : unix socket vs shared memory message which is faster

Android : LocalSocket 0:01:37

Android : LocalSocket communication with Unix Domain in Android NDK

Nginx Reverse Proxy 4:05:16

Nginx Reverse Proxy Analysis | Unix Domain Sockets, Linux Kernel, and Nginx Buffers

C++ : C++ 0:01:32

C++ : C++ Qt write to unix socket