TLDR; We began our work on Samsung immediately after the release of the Pwn2Own Toronto 2022 target list. In this article, we will dive into the details of an open-redirect vulnerability discovered during the Pwn2Own 2022 event and how we exploited it on a Samsung S22 device. By breaking down the technical aspects and using code snippets, we aim to provide a comprehensive overview of this critical security flaw. To begin, I revisited our team’s paper (written by Li Jiantao and Nguyễn Hoà...
