Prison Break Season 6: Defeating the Mitigations Adopted by Android OEMs

Presented at Black Hat Asia 2018, March 22, 2018, 3:30 p.m. (60 minutes).

In recent years, Google has been committed to improving the security of the Android ecosystem. To better protect the kernel, Google has enabled a number of mechanisms, including PXN (Privileged Execute-Never) and SELinux. At the same time, some smartphone OEMs add further protections to their own products. As a result, vulnerability exploitation is becoming increasingly challenging.

In the second quarter of 2017, Samsung, HUAWEI, OPPO and vivo together accounted for 47.2 percent of the global smartphone market. Of these four leading Android OEMs, only Samsung KNOX has received much public research attention. Considering that the other three OEMs also hold a large share of the global market, we conducted in-depth research on their mitigations and made some interesting discoveries.

In this talk, we will disclose the full details of these mitigations, which have never been made public, and show how to bypass them reliably. In addition, we will discuss practical suggestions for improving these protective mechanisms.


Presenters:

  • Jun Yao - security researcher, Core team
    Jun Yao completed a master's degree in Computer Science at Xidian University in 2016. He is now a security researcher with C0RE Team, focusing on Android kernel exploitation and vulnerability hunting.
  • Tong Lin - security researcher, Core team
    Tong Lin is a security researcher at C0RE Team. He received his master's degree from the Chinese Academy of Sciences. He is interested in kernel exploit discovery and presented his research on universal root on Android at HITCON Community 2017. In the past year, he has submitted a series of vulnerability reports to Google's Android Security Rewards program and received public acknowledgment for the vulnerabilities disclosed. He is currently focusing on smart fuzzing.
