Vulmon
pinduoduo backdoor
拼多多app中提权和获取数据操作的复现DEMO,含源码和演示视频 本项目结合前人的脱壳及分析经验,利用从拼多多app中提取的恶意代码,现实获取用户手机中登录的微博账号功能。演示了拼多多app如何利用漏洞攻击用户手机,取得高权限,从而获取用户数据等操作。 致敬对抗网络黑恶势
In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569449
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
google android 13.0 |