Android Root and its Providers: A Double-Edged Sword

4 years 6 months ago
Android Root and its Providers: A Double-Edged Sword
Android root is the voluntary and legitimate process of gaining the highest privilege and full control over a user’s Android device. To facilitate the popular demand, a unique Android root ecosystem has formed where a variety of root providers begin to offer root as a service. Even though legitimate, many convenient one-click root methods operate by exploiting vulnerabilities in the Android system. If not carefully controlled, such exploits can be abused by malware author to gain unauthorized root privilege. To understand such risks, we undertake a study on a number of popular yet mysterious Android root providers focusing on 1) if their exploits are adequately protected. 2) the relationship between their proprietary exploits and publicly available ones. We find that even though protections are usually employed, the effort is substantially undermined by a few systematic and sometimes obvious weaknesses we discover. From one large provider, we are able to extract more than 160 exp...
Hang Zhang, Dongdong She, Zhiyun Qian
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where CCS
Authors Hang Zhang, Dongdong She, Zhiyun Qian
Comments (0)