In recent years, Google has been committed to improving the security of the Android ecosystem. To better protect the kernel, Google has enabled a number of mechanisms including PXN, SELinux and so on. At the same time, some smartphone OEMs also make additional protection for their own products. As a result, vulnerability exploitation is becoming more and more challenging.
In the second quarter of 2017, Samsung, HUAWEI, OPPO and vivo account for 47.2 percent of the global market share. For the world's top four Android smartphone OEMs, there have only been some related researches on the Samsung KNOX. Considering the other three OEMs also occupy large global market share, we conducted an in-depth research on their mitigations and got some interesting discoveries.
In this talk, we will disclose all details of these mitigations and show how to bypass them stably, which have never been made public. In addition, some practical suggestions for the improvement of these protective mechanisms will be discussed during the presentation.