(Theory) Introducing a Vulnerability Through System APK Replacement

[greyreap]

This is just a theory, I'm no dev. So my question is to the devs.

Would it be possible to modify a system APK, adding an exploitable vulnerability, and replace it.

Replacing the existing market with the new one was simple, and I know some system APKs can be modified in an archive program without screwing up the signature. In theory shouldn't it be possible to introduce a vulnerability this way?

Let me know what you think.

 

[WilfulHippo]

Why don't you try to decompile it and see its simple


Sent from my DROIDX using DroidForums

 

[greyreap]

I'm not saying to modify the application itself, I mean would this be possible through modification of the files within the APK, i.e. the application resources.

But thanks for the oh so helpful reply.

 

[nerdslogic]

I am no dev but I would imagine that approach might have been explored. But I could be wrong and we could all be thanking you soon. Who knows. Good question though.

I think there is a reliance on the SBF though for the most part if the boot loader isn't the target and only root is.

 

[Raptor007]

If you could create an exploit in the market app, wouldn't that be closed up the next time its updated by Google? It would require constant cat and mouse moves.

 

[neonerz]

You'd need root to be able to replace a system app with a new one. But then it wouldn't really do anything since even system apps don't have root, replacing a system app wouldn't gain you any advantages over just installing a new APK would.

 

[evulhotdog]

So system apps don't have root or even higher permissions over user apps or anything

Sent from my DROID3 using Tapatalk

 

[greyreap]

Root isn't required to replace a system app (using the installer, not placing it) however I don't know what permissions system apps have although I would assume they have root access.

Oh well, I didn't know whether this would be an option or not. It sounds like a no go.