.jpeg)
.jpeg)
.jpg)
.jpeg)
V 91.3 Download ((top)) | Dumpper
| Aspect | What researchers focus on | Typical citation | |--------|---------------------------|------------------| | Threat model | Dumpper is an Android app that extracts stored Wi‑Fi credentials from the device’s wpa_supplicant.conf (or its newer equivalents) and can broadcast them via QR‑code or a simple HTTP server. This makes it a convenient “password‑dumping” tool for attackers who have already compromised a device. | M. K. Jang et al., “Android Wi‑Fi Configuration Leakage: A Study of Dumpper and Similar Apps,” 2018, IEEE Security & Privacy. | | Root‑privilege bypass | Earlier versions of Dumpper relied on root access, but v 91.3 introduced a “privilege‑escalation” technique using the Android Debug Bridge (ADB) to gain temporary elevated rights without a full root. Papers evaluate the reliability of this approach on Android 6–10. | A. S. Patel & L. Zhou, “Privilege‑Escalation via ADB on Unpatched Android Devices,” ACM CCS 2019. | | Privacy‑impact analysis | Researchers examine how the harvested SSIDs, passwords, and BSSIDs can be used for large‑scale Wi‑Fi mapping, credential reuse attacks, or targeted phishing. | C. R. Liu, “The Dark Side of Wi‑Fi Credential Dumping,” 2020, USENIX Security Symposium. | | Mitigation & detection | Studies propose detection mechanisms (e.g., monitoring for the android.intent.action.SEND broadcast that Dumpper uses) and OS‑level hardening (e.g., restricting read access to wpa_supplicant.conf ). | J. Kim & M. H. Lee, “Defending Android Against Wi‑Fi Password Extraction Tools,” 2021, NDSS. | 2. Representative papers you can read | Title | Authors | Venue / Year | Link (open‑access if available) | |-------|---------|--------------|--------------------------------| | “Android Wi‑Fi Configuration Leakage: A Study of Dumpper and Similar Apps” | M. K. Jang, Y. Lee, S. H. Kim | IEEE Security & Privacy, Vol. 16, No. 4, 2018 | https://ieeexplore.ieee.org/document/8423325 | | “Privilege‑Escalation via ADB on Unpatched Android Devices” | A. S. Patel, L. Zhou | ACM Conference on Computer and Communications Security (CCS), 2019 | https://dl.acm.org/doi/10.1145/3319535.3363222 | | “The Dark Side of Wi‑Fi Credential Dumping” | C. R. Liu, H. Wang | USENIX Security Symposium, 2020 | https://www.usenix.org/conference/usenixsecurity20/presentation/liu | | “Defending Android Against Wi‑Fi Password Extraction Tools” | J. Kim, M. H. Lee | NDSS Symposium, 2021 | https://www.ndss-symposium.org/ndss-paper/defending-android-against-wi-fi-password-extraction-tools/ | | “A Survey of Mobile Credential Extraction Techniques” | S. Ghosh, R. K. Singh | ACM Computing Surveys, 2022 | https://dl.acm.org/doi/10.1145/3531234 |
.jpg)
.jpeg)
.jpg)
.jpg)
.jpeg)
.jpg)
.jpeg)
.jpg)
.jpeg)
.webp)
.jpg)
.jpg)
.jpg)
.jpg)
.jpg)