Content deleted Content added
→Security: Better grammar |
→Security: Split between vulnerabilities and malware usage |
||
Line 97:
== Security ==
Up to [[Android 2.2]], Android was vulnerable to the ''RageAgainstTheCage'' [[Exploit (computer security)|exploit]]. The adb [[Daemon (computing)|daemon]] did not check for the return value of the [[setuid]] [[system call]] when [[dropping privileges]]. The exploit [[Fork (system call)|forks]] processes until it fails due to the exhaustion of [[Process identifier|process identifiers]]. When the daemon crashes and restarts, it cannot start a new process with dropped privileges and keeps running as root. Then adb provided a root shell.<ref>{{Cite book|last=Drake|first=Joshua J.|url=https://www.worldcat.org/oclc/875820167|title=Android hacker's handbook|date=2014|publisher=Wiley|others=Zach Lanier, Collin Mulliner, Pau Oliva, Stephen A. Ridley, Georg Wicherski|isbn=978-1-118-60861-6|___location=Indianapolis, IN|pages=75|oclc=875820167|access-date=2021-09-26|archive-date=2021-09-26|archive-url=https://web.archive.org/web/20210926122022/https://www.worldcat.org/title/android-hackers-handbook/oclc/875820167|url-status=live}}</ref> In 2017, a security vulnerability was disclosed that exploited ADB to take over the onboard [[modem]]. The attack required adb to be already enabled and authorized, although some workarounds were available.<ref>{{Cite web|last=Mendelsohn|first=Tom|date=2017-01-09|title=Google plugs severe Android vulnerability that exposed devices to spying|url=https://arstechnica.com/information-technology/2017/01/google-plugs-severe-android-bootmode-vulnerability/|url-status=live|access-date=2021-09-10|website=[[Ars Technica]]|language=en-us|archive-date=2021-09-10|archive-url=https://web.archive.org/web/20210910135518/https://arstechnica.com/information-technology/2017/01/google-plugs-severe-android-bootmode-vulnerability/}}</ref>
== See also ==
| |||