Simple Exploit for Verification of CVE-2015-6606
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.idea
app
gradle/wrapper
.gitignore
LICENSE
README.md
build.gradle
gradle.properties
gradlew
gradlew.bat
omapi-cve-2015-6606-exploit.iml
settings.gradle

README.md

Simple Exploit for Verification of CVE-2015-6606

This is a simple exploit to verify a code injection vulnerability that exists in the SEEK smartcard service versions 3.1.0 and below (CVE-2015-6606, Google internal bug# ANDROID-22301786). The vulnerability allows specially crafted Android application packages to inject arbitrary code into the execution context of the smartcard system service. This code inherits all permissions granted to this system service, which include signature-or-system permissions that are not normally granted to third party apps.

Further details can be found in our report Executing Arbitrary Code in the Context of the Smartcard System Service (see literature section below).

DISCLAIMER

You are using this application at your own risk. We are not responsible for any damage caused by this application, incorrect usage or inaccuracies in this manual.

LITERATURE

  • CVE-2015-6606
  • Google: Nexus Security Bulletin - October 2015
  • M. Roland: "Executing Arbitrary Code in the Context of the Smartcard System Service," arXiv:1601.05833 [cs.CR], Computing Research Repository (CoRR), arXiv.org/corr, University of Applied Sciences Upper Austria, JR-Center u'smile, January 2016.
  • M. Roland and M. Hölzl: "Open Mobile API: Accessing the UICC on Android Devices," arXiv:1601.03027 [cs.CR], Computing Research Repository (CoRR), arXiv.org/corr, University of Applied Sciences Upper Austria, JR-Center u'smile, January 2016.

License: GNU General Public License v3.0