AirDroid Lock Screen Bypass

[Michael Wisniewski <wiz561 () gmail com>]

All,

I'm running AirDroid v2.1.0 on CleanROM 8.1 Core Edition.  On my phone
(Galaxy S3), I have a pattern lock screen enabled.

Vulnerability: When running AirDroid in the background and the phone
locks, you can use a web browser to connect to the phone.  On the
phone, you get the usual pop-up box that asks you to accept/reject the
request to connect.  If you accept the connection request, the web
browser will be granted full access to the phone, without having to
unlock it!  You can also configure AirDroid to not ask for
confirmation.  It's also unknown if it listens on the cell interface
or just the wifi interface.

Risk: The risk is that by running this program, a malicious user can
have access to the phone without having to go through the screen
unlock.

Vendor Contact: I contacted AirDroid through their web page about two
weeks ago and haven't heard any response from them yet.

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/