MMS Spoofing in Android Oreo!

email-scam-linkin

Disclaimer

The research was done completely for education purposes only. Author is not responsible for your actions. Any content or script is prohibited from using illegal social engineering, spamming or any other malicious purposes.

 

Let’s go!

This is a fun project that I have been working in 2016. By adding an additional “/” character in the MMS sender address, I was able to spoof the sender in both Android and Windows Phones. I haven’t verified yet does latest windows phones still have this bug hence it is not  interesting too much. On Android latest Oreo 8.1.0 is still vulnerable for MMS spoofing! and this bug had existed for two years at least.

To verify where the bug is occurring, we need to check mmssms database and more several stuff hence this is happening in both platforms. I reported to the Android Security Team and they researched on this and their response was this is an app specific error instead of the Android platform.

Capture

Louis-C.K.-WTF

The situation is quite complicated and need to investigate more and figure that out. But it’s not a problem to have fun with this 😉 . If you guys have whatever updates regarding this, please hit me (akiladananjaya79@gmail.com) I would love to hear.

Note that this is not a bug in local Internet Service Provider because we (@OsandaMalith) checked with different platforms such as iPhone etc,  they gently handled the additional character.

 

Steps to reproduce

I have published a script to reproduce this in GitHub . Then need to check are there any MMS gateways available to deliver the MMS to the mobile. To send the mms using an email service I decided to go for FastMail by referring their email structures in RFC documents because service should accept “/” character.

Have Fun ^-^

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s