ticarpi

ticarpi

adventures in infosec, code, and hacking

Vuln Research

CVE Disclosures

OS:

Android OS:

Wi-Fi Elevation of Privilege in Guest Mode (CVE-2016-2457) - Feb 2016 https://source.android.com/security/bulletin/2016-05-01.html#acknowledgements

Bluetooth Elevation of Privilege in Guest Mode (CVE-2016-3760) - Feb 2016 https://source.android.com/security/bulletin/2016-07-01.html#acknowledgements

Blog about both Guest Mode vulns on e2e-assure blog:
https://www.e2e-assure.com/Hacking_Android_Guest_Mode

Application:

Android Apps:

Photo Vault category (12x apps) - April 2016
Part 1 - weak security
Part 2 - weak permissions
Part 3 - weak encryption