CVE-2013-4787

Android 1.6-4.2 - Unauthenticated Arbitrary Code Execution via APK Signature Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4787. PoCs published by Bluebox Security.

AI-analyzed exploit summary This exploit leverages a security bypass vulnerability in Android (CVE-2013-4787) by repackaging an APK with additional files, allowing unauthorized actions. It uses apktool to decompile, modify, and recompile the APK, then injects arbitrary files into the final package.

Description

Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptographic signature, probably involving multiple entries in a Zip file with the same name in which one entry is validated but the other entry is installed, aka Android security bug 8219321 and the "Master Key" vulnerability.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Bluebox Security · bashremoteandroid

https://www.exploit-db.com/exploits/38627

View Code ZIP pw:eip

This exploit leverages a security bypass vulnerability in Android (CVE-2013-4787) by repackaging an APK with additional files, allowing unauthorized actions. It uses apktool to decompile, modify, and recompile the APK, then injects arbitrary files into the final package.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Android (versions affected by CVE-2013-4787)

No auth needed

Prerequisites: apktool.jar · Python · target APK file

MITRE ATT&CK