Presented at
DEF CON China Beta (2018),
May 11, 2018, 5 p.m.
(60 minutes).
Directory traversal vulnerabilities are very common in Android applications. This is also a place that developers ignore easily. Directory traversal vulnerabilities are also very harmful because it can break the application sandbox mechanism of Android.
In this paper, we will introduce the research of directory traversal vulnerabilities on the Android platform. from the aspects of what it is, how to find them, what they will cause and how to exploit them. We will explain these contents in a practical way.
Presenters:
-
Xiaobo Xiang (Elphet)
Xiaobo Xiang (Elphet) is a security researcher of 360 Alpha Team. He has submitted multiple bugs to Google and several other vendors in China. He is a Doctor Candidate in University of Chinese Academy of Sciences (UCAS), who mainly focuses on Android vulnerability reseach. In his spare time, he is keen on participating CTF games as a pwner in the CTF team NeSE (aka Never Stop Exploiting), which is a well-known separate CTF team in China.
Links:
Tags:
Similar Presentations: