Exploiting the Dolphin Browser for Android’s Backup & Restore Feature
In this blog post, we will cover the vulnerability's technical details on exploiting the Dolphin Browser for Android's Backup and Restore feature. The post Exploiting the Dolphin Browser for Android’s...
View ArticleDolphin Browser for Android
The Dolphin Browser for Android 12.0.2 suffers from an insecure parsing implementation of the Intent URI scheme. This vulnerability could allow attackers to abuse this implementation through a...
View ArticleFoxit MobilePDF for Android
The Foxit MobilePDF for Android suffers from a path traversal vulnerability in its WiFi Transfer feature. An attacker can use escape characters in URI(s) that are processed by the WiFI Transfer feature...
View ArticleDolphin Browser for Android
The Backup and Restore feature in Mobotap's Dolphin Browser for Android 12.0.2, suffers from an arbitrary file write vulnerability when attempting to restore browser settings from a malicious Dolphin...
View ArticleGoing Back in Time to Abuse Android’s JIT
On the shoulders of giants, this presentation will take a deep dive into the Dalvik Virtual Machine’s JIT implementation and how it can be used and abused to execute shellcode. The post Going Back in...
View ArticleDeep Dive into the Dalvik Virtual Machine’s JIT Implementation
VerSprite’s Director of Security Research, Ben Watson, takes a deep dive into the Dalvik Virtual Machine’s JIT implementation and how it can be used and abused to execute shellcode. The post Deep Dive...
View ArticleWhy Androids are a Prime Target for Hackers
The Android operating system and the mobile devices it runs on dominate the market in comparison to other device manufactures. Along with the market share, the Android ecosystem is heavily fragmented;...
View ArticleJSON Deserialization Memory Corruption Vulnerabilities
In this blog post, we will cover the types of memory corruption scenarios that can be triggered through deserializing untrusted JSON in the Jackson, FlexJSON, and json-io libraries on Android. The post...
View ArticleHacking an Aftermarket Remote Start System
In part two of this series, we’ll dive deeper into the technical specifications of the CarLinkBT module. We’ll also discuss the dynamic analysis and testing performed to confirm our findings. Finally,...
View ArticleWhat is Responsible Disclosure?
What is responsible disclosure? In this article, VerSprite will outline a typical process for zero-day vulnerability reporting, the ethics behind hacking, and provide real-world examples of our...
View Article
