Resources
- https://book.hacktricks.xyz/mobile-apps-pentesting/android-app-pentesting/android-task-hijacking
- https://medium.com/android-news/android-activity-launch-mode-e0df1aa72242
- https://blog.dixitaditya.com/android-task-hijacking?x-host=blog.dixitaditya.com
- https://medium.com/mobile-app-development-publication/the-risk-of-android-strandhogg-security-issue-and-how-it-can-be-mitigated-80d2ddb4af06
Tasks and the back stack
- https://developer.android.com/guide/components/activities/tasks-and-back-stack
Proof of Concept
Task Affinity:
<activity android:taskAffinity=""/><allowTaskReparenting = "true">- Various task control knobs exist that can be used to abuse a task hijacking attack
- https://www.usenix.org/sites/default/files/conference/protected-files/sec15_slides_ren.pdf Launch Mode: singleTask
https://github.com/az0mb13/Task_Hijacking_Strandhogg