Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore advanced Android security exploitation techniques in this DEF CON 33 conference talk that demonstrates how to bypass Google's intent destination checks and achieve privilege escalation through the resurrected LaunchAnywhere vulnerability. Learn about the BadResolve exploitation technique that enables zero-permission applications to invoke protected activities with system-level privileges, circumventing security patches implemented by Google and device vendors. Discover how this method affects all Android versions, including Android 16, and understand the high-severity vulnerabilities that have been confirmed and patched by Google. Examine the evolution of Android security defenses and their limitations, while gaining insights into efficient vulnerability identification methods using LLM Agents and MCP for analyzing both AOSP and vendor-specific closed-source implementations. Master the technical details of intent destination check bypasses and understand how previously mitigated security risks can be exploited through novel attack vectors in modern Android systems.
