-
unlocked-bootloader-backdoor-demo
Installs a persistent backdoor binary on android devices with unlocked bootloader via TWRP that runs as system daemon with root permissions and without SELinux restrictions
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
I have made a research and created a proof-of-concept how an android device with an unlocked bootloader (which means that we talk about almost any device using custom ROM, root, etc) in case an adversary has a temporary physical access to it (a couple of minutes is enough) can be silently injected with a backdoor that will be successfully installed in almost any case, no matter which OS version it has, no matter if it’s encrypted or not, no matter if it has root or not. I have written an article about it. You can check it here (I’m sorry, it’s only in russian, but the google translate should work) and get the code here to test it yourself.