![]() The researchers advise users to uninstall or disable AirDroid until a fix for these issues is made available. Here is a video demo of the exploitation: This failure to secure the app has prompted the researchers to share the knowledge publicly, and they have also provided PoC modules to demonstrate the information leak and remote code execution flaws. Zimperium notified the app’s developers of these vulnerabilities, but even though they acknowledged the results, never versions of the app are still vulnerable. AirDroid is an app exclusive to Android which enables you to connect your device to your PC through a wireless network. Then run the displayed command in command line. The app does not verify if the served update is legitimate. Yes, you need to root your device, install WiFi ADB from Play market, run the Wifi Adb and switch it on. We need to use screen mirror technology between the two devices using a. For example, if your phone shipped with a USB-C. AirDroid is a globally well-known application so there is no problem of trust. The typical USB cables are micro-USB to USB-A/B/C, USB-C-USB-A, or USB-C to USB-C, but you need to check the ports your PC has before connecting. In addition to this, the attackers could also redirect and modify the HTTP traffic sent and received by the device when it checks for updates, and plant a malicious update for it to use. If you have an Android phone, you can use the original USB cable that shipped with it to transfer files between the devices. ![]() ![]() In fact, these four major features let you achieve nineteen different Android device. Manage SMS, files, photos and videos, WhatsApp, Line, WeChat and more on computer. After installation, you can activate four remote management features: Remote Camera, File Transfer, View Mode, and Remote Control. Access Android phone/tablet from computer remotely and securely. Having this information, the attacker can now impersonate the victim’s device and perform various HTTP or HTTPS requests on its behalf to the AirDroid API endpoints.” Controller Computers (Desktop Client) AirDroid Business Desktop Client is where you manage remote device access and control. “This HTTP request can be decrypted at runtime using the 890jklms key hardcoded inside the application and the authentication fields parsed from the resulting JSON. “A malicious party could perform a MITM network attack and grab the device authentication information (…) from the very first HTTP request the application performs,” they explained. “AirDroid relies on secure HTTPS API endpoints for most of its functionalities, but during our analysis we’ve found that other insecure channels are used for specific tasks,” the researchers noted.įor example, the apps sends statistics to the app developers’ servers over HTTP, but uses a minimal layer of security to protect the data: a symmetric encryption scheme called DES. Tens of millions of users of AirDroid, a remote management tool for Android, are vulnerable to man-in-the-middle attacks that could lead to data theft and their devices being compromised through malicious updates.Īccording to Zimperium researchers, such attacks can be performed when users find themselves on the same unsecured network as the attacker (e.g.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |