Published On Nov 10, 2023
In this video, we take a deep dive into the inner mechanics of a double free vulnerability within Android OS, allowing attackers to gain complete access to any Android mobile phone with an RCE (remote code execution). This vulnerability was exploited by creating a custom GIF file and sending it to a user in WhatsApp. Whether you're a pen tester, security researcher, or cyber security expert, having a solid foundation in low level languages, especially C, is critical.
0:00 - Overview
0:35 - GIFs
1:02- GIFs within Android
2:10- Memory / Pointers
3:35 - Double Free
6:02 - WhatsApp Payload
8:24 - RCE
WE HAVE A DISCORD NOW! / discord
Original report by security researcher Awakened
https://awakened1712.github.io/hackin...
Double free within android-gif-drawable
https://github.com/koral--/android-gi...
MUSIC CREDITS:
LEMMiNO - Cipher
• LEMMiNO - Cipher (BGM)
CC BY-SA 4.0
LEMMiNO - Nocturnal
• LEMMiNO - Nocturnal (BGM)
CC BY-SA 4.0
#programming #software #softwareengineering #computerscience #code #programminglanguage #softwaredevelopment #hacking #hack #cybersecurity #exploit #tracking #softwareengineer #vulnerability #pentesting #privacy #spyware #malware #cyber #cyberattack #bugbounties #ethicalhacking #mobile #android #doublefree #malloc #realloc #GIF #mobilesecurity #lowlevelsecurity #zeroday #zero-day #cybersecurityexplained #bugbounty #compiler #memorymanagement #kernel #operatingsystems #OS