Exploring USB Connection Vulnerabilities on Android Devices - Breaches using the Android Debug Bridge

João Amarante, João Paulo Barros
2017 Proceedings of the 14th International Joint Conference on e-Business and Telecommunications  
The complexity of avoiding vulnerabilities in the modern mobile operating systems makes them vulnerable to many types of attacks. This paper presents preliminary work in the creation of scenarios to surreptitiously extract private data from smartphones running different versions of the Android Operating System. Three scenarios were already identified and a proof of concept script was developed, all based on the use of the Android Debug Bridge tool. When running in a computer, the script is able
more » ... to extract private data from a USB connected smartphone. In two scenarios it was possible to extract the information in a totally surreptitious way, without the user knowledge. In the third scenario, using a newer version of the Android operating system, a user action is needed which makes the attack less likely to succeed, but still possible.
doi:10.5220/0006475905720577 dblp:conf/secrypt/AmaranteB17 fatcat:nuw7xyqltfdcfjsatogkysfnf4