The well-known way of breaking out of the Android sandbox is using a recent local Linux kernel exploit for privilege escalation. However, why always pick on Linus in Ring-0 when there is so much more to explore in user mode? Join me in a fascinating journey through Android's sandbox implementation with a lot of IPC endpoints, Services, Content providers, Serialisation, Permissions, Activities and much more, all scattered through multiple processes with different privilege levels. From a single point of entry we will build our majestic sandcastle in Android's sandbox, spanning multiple processes to hopefully obtain the holy grail of Android permissions: android.permission.INSTALL_PACKAGES.