what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Xamarin DLL Hijack

Xamarin DLL Hijack
Posted May 19, 2015
Authored by ValdikSS

Xamarin for Android prior to version 5.1 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | a0f1a9814fd00d0067ec5b49f729c80e8d3a8525446ee51c013d5fe69d4c89f0

Xamarin DLL Hijack

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Xamarin for Android prior to version 5.1 allows to replace internal DLL files inside the APK with files on SD card which are not in a secure storage.
Malicious application without any special permissions could drop backdoored DLL files into

/storage/sdcard0/Android/data/app_id/files/.__override__/

and the victim application would use files from SD.
Not just the main application library could be hijacked, but also Xamarin's System.dll and Mono.Android.dll, which are shipped in all Xamarin for Android
applications.

Developers should rebuild their applications using Xamarin for Android 5.1 or newer in the release mode.

This vulnerability was found by accident, which allowed me to eat for free for a month.

Timeline:
03.04.2015 Vulnerability is found
07.04.2015 Message sent to Xamarin
08.04.2015 Xamarin acknowledged the vulnerability
29.04.2015 Fixed stable version released

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: https://keybase.io/valdikss

iQIcBAEBCAAGBQJVWz98AAoJEFzXIC7viPdyP3wP/3Vxrc0hHZATTfkCVq688sJa
/NI2Z7cdRf3cpHSLCciWbtcNK82uE6qmHisFwUQGA5xvljhrkAXLPa2xG3wShmXq
G5ID3WexMWgTfLqYwOi/4fq1jpfeEg5vpDFAhj0JuWAvZg1zOwFBQ7UdT6G/eu1C
+Dgmk1qpvLcPkKOrh2i4xwqkDfqNfADfK7ekjeqMZe70tC95eHLeRWzVEmi+hCC3
zLwnuprHOEQ/CGeKiQJzePExARFyIfS/kuV+YPdw14gmEOwKAfFymuaxYqULqaxS
H6RdUJp2SZT5cf0RSlA7zqPhX8fqnkiBiCpd8BstoANl+dFvnggVks6PWovBm8aW
huYqscwDZ0pGG8kV5lPO/9fE2P/1nm9B1h9tOcycD8gpM7inbDy6WoETwO0KZOlx
qsetTdYt4PA5V6Wn6wks4R9iPZy7bFlqzrGWLWFY9FYV7a0cZoDi7eY8bNhxFj/T
g3M1ruIIRVxriyFjcfmq2nWw0rMFhiaDdb/GuQEmtN8b2CQRQmiBrvP1uC2zkOhW
ijdYsN7SMjvLTch3n6TU3ycibB0uEp03Jgm2+wRzZj5VQXUHR7BFzhh74UeeAriT
K7EialPddQzxPFS0ufTGQ1JFfjJP3bgZFLDwbJVt/WLwsgQpLmXcTjHub56lr87y
xQmqbzDDykOJ92uZEJ4X
=vW6d
-----END PGP SIGNATURE-----



Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close