logo

Physical Attacks Against Smartphones

Conference:  Defcon 31

2023-08-01

Authors:   Christopher Wade


Abstract

Android devices are constantly improving their security to protect against attackers with physical access, with new protection techniques being added year-by-year. This talk aims to demonstrate vulnerabilities in modern Android smartphones that are still viable, despite the mitigations in place. In the first phase of this talk, we will discuss analysis and exploitation of vendor-customised versions of Android's Recovery mode, demonstrating weaknesses that allow for privilege escalation to root, and traversal from Recovery to Android, without Bootloader access, using nothing but a Micro SD card. In the second phase, we will discuss weaknesses in the Secondary Bootloader of devices produced by a popular smartphone manufacturer. We will demonstrate how, using a vulnerability in the core USB stack, code execution can be achieved, and a modified Android image can be booted, without compromising the functionality of the device.

Materials:

Post a comment

Related work

Conference:  BlackHat USA 2021
Authors:
2021-08-05

Conference:  Defcon 29
Authors:
2021-08-01


Conference:  Defcon 31
Authors: Ryan Johnson Senior Director, R&D at Quokka, Mohamed Elsabagh Senior Director, R&D at Quokka, Angelos Stavrou Founder and Chief Scientist at Quokka
2023-08-01

Conference:  Defcon 31
Authors: Josep Pi Rodriguez Principal Security Consultant at IOActive
2023-08-01