

AirDroid has patched an authentication flaw in its web application that could allow an attacker to remotely control and manipulate a victim's Android device. AirDroid, which is similar to Apple's native iMessage app, allows a user to send SMS messages, make calls, add contacts and more via a web-based interface. An attacker would just need to lure a user to a malicious website hosting an exploit in order to be compromised.

"The risk is that if you're logged into the AirDroid service, it runs in the background, the app does not need to be open, and you're vulnerable," said Matt Bryant, a security analyst with Bishop Fox who discovered and disclosed the vulnerability to AirDroid.

From the Web interface, an attacker could also take pictures with the Android device, import and export .apk files in order to potentially add malicious apps to the phone, transfer files from the phone to the computer, view and manipulate photos, view the Android screen in real time, open URLs with the Android browser, and track the device's location. "You can force the app to open and control it from there."

The flaw lies in the fact that the web application uses JSONP, or JSON with padding, to perform cross-origin requests. Bryant said it is possible to exploit JSONP to hijack the AirDroid web app. It affects AirDroid version 3.0.4 and earlier. The vulnerability was patched in March, weeks after it was reported on Feb.

"They had some insecurity in the token used to control AirDroid to connect to the phone," Bryant said. "It generates a token (a 7bb session token) each time to connect to the website and uses an insecure method of sharing information. Through the use of JSONP, I was able to hook into AirDroid and construct my own token."

"This type of vulnerability is a little unique, but I don't put it outside someone else finding," Bryant said.
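The JSONP weakness the article describes, as an added JavaScript example (this is not AirDroid's code or Bishop Fox's proof of concept): a token endpoint that answers with JSONP next to a hardened version that returns plain JSON behind an origin allow-list and a custom request header, plus the regression check a defender would keep to confirm the token no longer reaches a cross-origin script include. The session store, cookie value, token value, handler names and the allowed origin `https://web.airdroid.example` are all constructed for illustration.

```javascript
// Added example, not AirDroid's or Bishop Fox's code. Handlers are pure
// functions over a request object {cookie, query, headers} so they run
// without a server; every value below is constructed for illustration.

// Constructed sample session store: browser cookie -> session token.
const SESSIONS = { "sid=abc123": "tok-constructed-7bb" };

function lookupToken(cookie) {
  return SESSIONS[cookie] || null;
}

// Vulnerable pattern. The response is a JavaScript call, with a caller-chosen
// callback name wrapped around the secret. A page on any origin can load this
// URL with a <script> tag; the browser attaches the logged-in user's cookie,
// the script runs in the attacker's page, and the callback receives the token.
// The same-origin policy does not restrict loading and executing scripts.
function jsonpTokenHandler(req) {
  const token = lookupToken(req.cookie);
  if (!token) return { status: 401, contentType: "text/plain", body: "" };
  const cb = req.query.callback || "callback";
  return {
    status: 200,
    contentType: "application/javascript",
    body: `${cb}(${JSON.stringify({ token })});`,
  };
}

// Hardened pattern. A plain JSON object is not an executable script, so a
// <script> include cannot read it; cross-origin readers must go through CORS,
// where the server only allows its own web front end (assumed origin). The
// custom header is one a <script> or <form> cannot set, so it also rejects
// cookie-riding requests that arrive from other origins.
const ALLOWED_ORIGINS = new Set(["https://web.airdroid.example"]); // assumed

function jsonTokenHandler(req) {
  const origin = req.headers["origin"];
  if (!ALLOWED_ORIGINS.has(origin)) {
    return { status: 403, contentType: "text/plain", body: "forbidden origin" };
  }
  if (req.headers["x-requested-with"] !== "XMLHttpRequest") {
    return { status: 403, contentType: "text/plain", body: "missing header" };
  }
  const token = lookupToken(req.cookie);
  if (!token) return { status: 401, contentType: "text/plain", body: "" };
  return {
    status: 200,
    contentType: "application/json",
    headers: {
      "Access-Control-Allow-Origin": origin,
      "Vary": "Origin",
      "X-Content-Type-Options": "nosniff",
    },
    body: JSON.stringify({ token }),
  };
}

// Regression check: model what a <script src="..."> include on another site
// receives. The browser sends the victim's cookie but no Origin header and no
// custom header, and the includer controls the callback query parameter. The
// token leaks if the handler answers 200 with a body that calls that callback.
function leaksToScriptInclude(handler) {
  const req = { cookie: "sid=abc123", query: { callback: "cb" }, headers: {} };
  const res = handler(req);
  return res.status === 200 && res.body.startsWith("cb(");
}
```

Running `leaksToScriptInclude` against both handlers gives `true` for the JSONP version and `false` for the JSON version; the same check belongs in a test suite so a future endpoint cannot quietly reintroduce padding. Dropping JSONP alone is not enough if the endpoint still honours a `callback` parameter somewhere else, which is why the hardened handler ignores the query string entirely.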
