Where is the Android vulnerability poc?

A few days ago, Pau Oliva Fora, a security researcher at Via Forensics, released a proof-of-concept module on GitHub, which can exploit the vulnerability of verifying the authenticity of signatures. The proof-of-concept attack uses the open source Android reverse engineering tool APK, which can reverse engineer, decompile and recompile binary Android applications with closed source code.

Fora's script allows users to inject malicious code during recompilation, and the final compiled binary program has the same encryption signature as the original legal application.

Google said that it provided patches to OEMs and operators as early as March this year. For example, Samsung has released updates to users, but due to the fragmentation of Android system, a large number of users have not updated.

Is it true that Brother Crow opens pirated cards?

Sorry, can you help me get a free personalized signature? Name: Lu Yahong.

Thanks!

2022 high-sweet literary sentences suitable for 520 officially announced friends circle.

2012 65438+February 28th 17: 08, male, surnamed Lin. It is best to use the word "fire" in five lines. It is also best to bring a name (Qin Dong). thank you

How to register a company?

Where can I see the brand on the alto saxophone?

How to sign the parents' signatures? Urgent! ! !

Personal signature function of enterprise WeChat

Signing Rondo and Cousins ??will make it difficult for the Clippers to break out of the Western Conference

The fastest man in the world, 100 km.