Rogue Android Camera Access
by geshem - November 20, 2019 at 12:33 PM
#1
"by manipulating specific actions and intents, an attacker can control the app to take photos and/or record videos through a rogue application that has no permissions to do so. Additionally, we found that certain attack scenarios enable malicious actors to circumvent various storage permission policies, giving them access to stored videos and photos, as well as GPS metadata embedded in photos, to locate the user by taking a photo or video and parsing the proper EXIF data. This same technique also applied to Samsung’s Camera app."

https://www.checkmarx.com/blog/how-attac...oid-camera
#2
This is cool but the link does not explain how the exploits work. Do you have another link?
#3
(November 21, 2019 at 09:44 PM)plastic Wrote: This is cool but the link does not explain how the exploits work. Do you have another link?

Did you watch the video embedded in the article? They demo the various exploits, but haven't released the PoC code unfortunetely

Possibly Related Threads…
Thread Author Replies Views Last Post
HOW TO BUILD YOUR OWN ROGUE GSM BTS FOR FUN AND PROFIT rf6686rf 2 870 December 29, 2018 at 01:26 PM
Last Post: fcpasses
185,000 Wireless IP Camera vulnerable CrackerSan 18 4,143 July 04, 2017 at 06:29 AM
Last Post: goll89

 Users browsing this thread: 1 Guest(s)