Exploits / Vulnerability Discovered: 2021-02-15
Type: local
Platform: android
This exploit / vulnerability (Tasks 9.7.3 insecure permissions) is for educational purposes only; if you use it, you do so at your own risk!
Any installed application on a victim's phone can add arbitrary tasks to the user's task list because of insecure IPC handling.
A malicious application can achieve this in several ways:
1. By sending multiple intents to the ShareLink activity (com/todoroo/astrid/activity/ShareLinkActivity.java). The Tasks application adds the first requested "task" to the user's task list.
2. By sending an intent to the VoiceCommand activity (org/tasks/voice/VoiceCommandActivity.java). The application does not validate the intent's origin, so any application can append tasks to the user's task list.
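On the defender's side, this class of bug shows up in the manifest as components that other apps can reach without holding any permission. The following check is an added example, not part of the original advisory or the Tasks code base; the manifest, package name and activity names in it are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed manifest for illustration; not the Tasks app's real manifest.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.todo">
  <application>
    <activity android:name=".ShareActivity">
      <intent-filter>
        <action android:name="android.intent.action.SEND"/>
        <data android:mimeType="text/plain"/>
      </intent-filter>
    </activity>
    <activity android:name=".VoiceActivity" android:exported="true"/>
    <activity android:name=".SyncActivity" android:exported="true"
        android:permission="com.example.todo.permission.SYNC"/>
    <activity android:name=".SettingsActivity" android:exported="false">
      <intent-filter>
        <action android:name="com.example.todo.SETTINGS"/>
      </intent-filter>
    </activity>
  </application>
</manifest>"""

def is_exported(component):
    """Explicit android:exported wins; otherwise an intent-filter implies
    exported (the default for apps targeting below API 31)."""
    flag = component.get(ANDROID + "exported")
    if flag is not None:
        return flag.lower() == "true"
    return component.find("intent-filter") is not None

def unprotected_components(manifest_xml):
    """Return (tag, name) for exported components any installed app can reach."""
    app = ET.fromstring(manifest_xml.strip()).find("application")
    app_permission = app.get(ANDROID + "permission")
    findings = []
    for tag in ("activity", "activity-alias", "service", "receiver"):
        for comp in app.iter(tag):
            # A component-level permission overrides the application-level one.
            permission = comp.get(ANDROID + "permission") or app_permission
            if is_exported(comp) and not permission:
                findings.append((tag, comp.get(ANDROID + "name")))
    return findings

if __name__ == "__main__":
    for tag, name in unprotected_components(SAMPLE_MANIFEST):
        print(f"{tag} {name}: exported without android:permission")
```

Each finding is a component to review: either it should not be exported, or it needs a permission or an explicit check on the caller before it changes user data.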
We used the Drozer application to emulate malicious app activity. Please find the commands below.