A framework for on-device privilege escalation exploit execution

Sebastian Höbarth, Rene Mayrhofer

Research output: Chapter in Book/Report/Conference proceedingsConference contribution

Abstract

Exploits on mobile phones can be used for various reasons; a benign one may be to achieve system-level access on a device that was locked by the manufacturer or service provider (also known as `jailbreaking' or `rooting'), while potentially malicious reasons are manifold. Independently of the use case however, a specific exploit is not sufficient to achieve the desired access rights. Typically, exploits provide {temporary privilege escalation} immediately after their execution. To provide additional access to applications, permanent privilege escalation is required -- in the benign case, including secure access control for the user to decide which (parts of) applications are granted elevated access. In this paper, we present a framework that can use arbitrary temporary exploits on Android devices to achieve permanent `root' capabilities for select (parts of) applications.
Original languageEnglish
Title of host publicationProceedings on 3rd International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use (IWSSI 2011)
Publication statusPublished - 2011
Event3rd International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use (IWSSI 2011) - San Francisco, United States
Duration: 12 Jun 201112 Jun 2011
http://www.medien.ifi.lmu.de/iwssi2011/

Workshop

Workshop3rd International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use (IWSSI 2011)
Country/TerritoryUnited States
CitySan Francisco
Period12.06.201112.06.2011
Internet address

Fingerprint

Dive into the research topics of 'A framework for on-device privilege escalation exploit execution'. Together they form a unique fingerprint.

Cite this