IPC Analysis

Windows IPC

COM (Component Object Model) objects are a way to let processes call other processes. A process that needs to call another process loads a COM.dll into its address space.

Mobile IPC

Attacks

Attacking device

For this attack there are several types of attacker:
• MiM, i.e. a sniffer. This person is using the same network and intercepting traffic. What does that attacker need?
• Mobile phone is stolen
• Exploit

Attacking applications

For this attack there are more types of attacker:
• MiM - same network, certificate to install (if HTTP), setting attacker as proxy. If the person has enabled and forgotten to disable adb tcpip, you can connect from a trusted PC.
• Stolen phone - PIN and DE circumvent, rooting (for acquiring some data), developer's mode on
• Malicious application - persuade the user to install an app. Preferably, gain maximum possible permissions. If rooted - big celebration.
• Exploit - export written, physical access or access over network (depends on exploit), or malicious application installed (see above).
• Malicious user - an application with bugs. For example, a user of e-banking has found a way to circumvent commission for transactions.