Android AddJavaScript Exploit

In this podcast, the speaker demonstrates the vulnerability that can be exploited due to a cross site scripting in web views JavaScript bridges. This vulnerability allows an attacker to run system commands using Java's reflection mechanism. The vulnerability lies in the fact that JavaScript can access Java objects using the bridge and this allows an attacker to execute system commands on a rooted as well as non-rooted phone.

Provided by: SecurityTube.net Topic: Software Date Added: Jan 2014 Format: Podcast

Find By Topic