Rony Das

Designation:

Senior Security Consultant - Offensive Security, Netsentries

Talk Title:

Hacking Android Foreground Services Escalation Of Privileges

Abstract:

With the releases of Android Oreo and Pie, Android introduced some background execution limitations for apps. Google restricted the execution of background services to save energy and to prevent apps from running endlessly in the background. Moreover, access to the device’s sensors was changed and a new concept named foreground service was introduced. Preventing apps from using the device’s resources like the camera. These limitations, however, would not affect so-called foreground services because they show a permanently visible notification to the user and could therefore be stopped by the user at any time.

A researcher named Thomas Sutter found a race condition bug in the Foreground Notification services in early 2019 and disclosed the same in BlackHat EU 19, which was making the concept of Foreground Notifications in Android totally ineffective.

I will show you how I bypassed Google's patch for the bug Thomas found and made the foreground services ineffective again. I was also rewarded $5k from Google.

Bio:

My name is Rony Das, I am based out of Assam, India. I started my Infosec journey in 2013 and most of my research is into Mobile/Web application security. I love to learn and research about "how malware work" the same curiosity pushed me to research about Android-specific security features that are being implemented by Google.

Want to connect with Rony Das?