Metasploit module for the addJavascriptInterface

Joshua J. Drake: Hey all! I’ve managed to develop a Metasploit module that exploits the addJavascriptInterface issue! I’ve successfully demonstrated the attack by performing a MITM attack against Fruit Ninja! Remember, MITM is possible through a plethora of means (as +mike kershaw metioned in his recent post), such as DNS hijacking/spoofing/poisioning, ARP spoofing, WiFi injection, backbone trickery, base stations, and more. Although it only gives a shell as the application UID, it could be paired with a privilege escalation issue to yield a remote root shell (such as from one of
+Justin Case or +Dan Rosenberg’s exploits).

 

PS. Working on this has me absolutely frightened of all the traffic coming out of my device!