Available Exploits - Android

Article ID: 5

Last updated: 28 May, 2015

Details

In order for the exploit to be effective, customers must provide an URL that the target's browser will automatically load after successful exploitation or in case of error.

Requirements/Conditions/Restraints:

this Android remote exploit targets the default browser installed on Android 4 devices up to version 4.3.*;
Android browser (it doesn't work with Chrome).

Instructions

Customers must as well provide the APK that will be installed on the target's device, upon a successful execution of the exploit. Such a file can be generated directly from the RCS console:

select a mobile factory;
click on Build;
select Installation Package/Android/Create...;
extract the file called <name>.v2.apk from the generated ZIP archive.

HackingTeam will then provide a URL where the exploit is hosted. A link pointing to the exploit can finally be sent to the target, for instance via SMS or email. The full exploit will be served exclusively to Android 4.0.*- 4.3.* devices. If the exploit URL is visited from a different browser or device no payload will be executed and the redirect will happen immediately.

Article ID: 5

Last updated: 28 May, 2015

Revision: 4

Public

Comments: 0

Print Export to PDF Subscribe Share Add comment

This article was: Helpful | Not helpful

Tags

exploit sms email

Prev		Next
Android Remote Exploit Compatibility Matrix		Exploit Deployment Guidelines