Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a comprehensive security research presentation that uncovers critical vulnerabilities in Google's Quick Share file-sharing protocol. Learn how researchers discovered 10 vulnerabilities across Windows and Android platforms through systematic protocol analysis using Protobuf-based communication hooks and custom fuzzing tools. Discover the development of QuickShell, a sophisticated Remote Code Execution (RCE) attack chain that combines five distinct vulnerabilities to compromise Windows systems running Quick Share. Examine the researchers' methodology for studying Quick Share's protocol architecture, building communication tools for device interaction, and developing specialized fuzzers that revealed both crash-inducing bugs and logic vulnerabilities. Understand how attackers can remotely write files without user approval, force application crashes, redirect network traffic to malicious WiFi access points, and perform path traversal attacks to access user directories. Gain insights into a novel HTTPS Man-in-the-Middle technique and witness the complete demonstration of the complex vulnerability chain that achieves remote code execution on target systems.
