Like if nobody “asks” a piece of software to execute how does it get downloaded to my phone or PC and then execute it self ? I can understand attacks e.g where you download a jpeg and then click to open it and the jpeg had some extra malicious code in it etc, but without anybody “authorizing” anything how does the kernel allow the code to be run by the cpu etc ?
**EDIT** I am talking about forced entry zero click software like the one pegasus created for iphones
In: 190
Pegasus was the result of combining many different vulnerabilities together
The basic premise being that when you send a message the recipient phone does some form of processing on that received message. If you can find a way to carefully craft a message that takes advantage of a bug Inn the message processing code you can build upon it to perform more complex operations.
You can Google how Pegasus works, there are some fairly detailed documents out there
Latest Answers