publications | Xianbo Wang

2025

USENIX

Universal Cross-app Attacks: Exploiting and Securing OAuth2.0 in Integration Platforms

Kaixuan Luo, Xianbo Wang, Adonis Fung, and 2 more authors

34th USENIX Security Symposium (USENIX Security 25), 2025

@article{LuoPlatformOAuth,
  title = {Universal Cross-app Attacks: Exploiting and Securing OAuth2.0 in Integration Platforms},
  author = {Luo, Kaixuan and Wang, Xianbo and Fung, Adonis and Lau, Wing Cheong and Lecomte, Julien},
  journal = {34th USENIX Security Symposium (USENIX Security 25)},
  year = {2025},
}

2024

Black Hat
One Hack to Rule Them All: Pervasive Account Takeovers in Integration Platforms for Workflow Automation, Virtual Voice Assistant, IoT, & LLM Services

Kaixuan Luo, Xianbo Wang, Adonis Fung, and 2 more authors

Black Hat USA Briefings, 2024

Abs Bib

Integration Platforms for Workflow Automation (e.g., Microsoft Power Automate), Virtual Voice Assistants (e.g., Amazon Alexa), Smart Homes (e.g., Google Home), and Large Language Model (LLM) platforms supporting Plugins (e.g. OpenAI ChatGPT), are becoming essential in our personal and professional lives. However, we find many of these platforms vulnerable to a new class of authorization attacks. As one of their core functions, integration platforms support "Account Linking" to connect end-users’ accounts at third-party services/apps (e.g., Gmail, Dropbox) to their platform account. This enables the platform to utilize and orchestrate a wide range of external services on behalf of the end-user. For example, users can configure Microsoft Power Automate to automatically send an email whenever a new GitHub issue is filed. Multi-party authorizations are known to be error-prone and should have gone through strict security scrutiny. Yet, with our newly discovered attacks, we successfully exploit the account linking mechanisms of 24 out of 25 mainstream integration platforms, resulting in account takeovers or privacy leakage of integrated apps/services. In this talk, we unveil how top-tier vendors improperly realize OAuth-based account linking under the new context of Integration Platforms. The failure to verify bindings with both the intended platform user and active third-party service/app compromises the session integrity of account linking. We detail the technical aspects of 3 attacks on integration platforms’ authorization frameworks: two enable account takeovers, and one leads to forced account linking of arbitrary services/apps. Notably, most attacks have easy-to-satisfy preconditions and can often be reduced to 1-click attacks. For instance, an attacker can compromise victims’ Microsoft 365 suite or Azure services with their single click on an unassuming link (a CVE with CVSS 9.6). We also offer our comprehensive insights into best security practices and mitigations and highlight some vendors’ invalid remedial attempts for each identified threat, benefiting the wider community.
@article{LuoOAuthBH, title = {One Hack to Rule Them All: Pervasive Account Takeovers in Integration Platforms for Workflow Automation, Virtual Voice Assistant, IoT, & LLM Services}, author = {Luo, Kaixuan and Wang, Xianbo and Fung, Adonis and Lecomte, Julien and Lau, Wing Cheong}, journal = {Black Hat USA Briefings}, year = {2024}, }
CCS
SWIDE: A Semantic-aware Detection Engine for Successful Web Injection Attacks

Ronghai Yang*, Xianbo Wang*, Kaixuan Luo, and 4 more authors
* indicates equal contribution
Proceedings ACM Conference on Computer and Communications Security (CCS), 2024

Abs Bib Website

Web attacks, a primary vector for system breaches, pose a significant challenge within the cybersecurity landscape. The growing intensity of web attack attempts has led to “alert fatigue” where enterprises are inundated by excessive alerts. Although extensive research is being conducted on automated methods for detecting web attacks, it remains an open problem to identify whether the attacks are successful. Towards this end, we present SWIDE (Successful Web Injection Detection Engine), an engine to pinpoint successful web injection attacks (e.g., PHP command injection, SQL injection). This enables enterprises to focus exclusively on those crucial threats. Our methodology builds on two insights: Firstly, while attackers tend to apply payload obfuscation techniques to evade detection, all successful web injection attacks must comply with the programming language syntax to be executable; Secondly, these attacks inevitably produce observable effects, such as returning execution result or creating backdoors for future access by the attacker. Consequently, we leverage advanced syntactic and semantic analysis to 1) detect malicious syntax features in obfuscated payloads and 2) perform semantic analysis of the payload to recover the intention of the attack. With a two-stage design, namely, attack identification and confirmation mechanisms, SWIDE can accurately identify successful attacks, even amidst intricate obfuscations. Unlike proof-of-concept studies, SWIDE has been deployed and validated in real-world environments through collaborations with a cybersecurity firm. Serving 5,045 enterprise users, our system identifies that roughly 15% of enterprises have suffered from successful attacks on a weekly basis - an alarmingly high rate. Moreover, we perform a detailed analysis of six months’ data and discover 60 zero-day vulnerabilities exploited in the wild, including 12 high-risk ones acknowledged by relevant authorities. These findings underscore the practical effectiveness of SWIDE.
@article{swide, title = {SWIDE: A Semantic-aware Detection Engine for Successful Web Injection Attacks}, author = {Yang*, Ronghai and Wang*, Xianbo and Luo, Kaixuan and Lei, Xin and Li, Ke and Lin, Jiayuan and Lau, Wing Cheong}, journal = {Proceedings ACM Conference on Computer and Communications Security (CCS)}, year = {2024}, equal = {true}, }
Living a Lie: Security Analysis of Facial Liveness Detection Systems in Mobile Apps

Xianbo Wang, Kaixuan Luo, and Wing Cheong Lau

International Conference on Applied Cryptography and Network Security, 2024

Abs Bib PDF

Mobile apps are embracing facial recognition technology to streamline the identity verification procedure for security-critical activities such as opening online bank accounts. To ensure the security of the system, liveness detection plays a vital role as an anti-spoofing component, verifying that a selfie provided is from a live individual. Emerging facial recognition companies offer convenient integration services through mobile libraries that are widely utilized by numerous apps in the market. By analyzing 18 mobile facial recognition libraries, we reveal the protocol design and implementation intricacies of various systems. The investigation leads to the discovery of several system security issues in over half of the libraries, predominantly linked to the liveness detection module. These vulnerabilities can be exploited for low-cost identity forgery attacks without relying on media synthesizing technologies like deepfake. We scan 18,096 apps from an app market and identify 802 apps incorporating recognized facial recognition libraries, with over 100 million total downloads. More than half of the libraries examined exhibit weak security, with about 40% downstream mobile apps being affected. This study emphasizes the importance of system security in mobile facial recognition services, as the practical impact can be on par with or even surpass the extensively studied machine learning attacks.
@article{LivingLieACNS, title = {Living a Lie: Security Analysis of Facial Liveness Detection Systems in Mobile Apps}, author = {Wang, Xianbo and Luo, Kaixuan and Lau, Wing Cheong}, journal = {International Conference on Applied Cryptography and Network Security}, year = {2024}, }

2023

Black Hat
The Living Dead: Hacking Mobile Face Recognition SDKs with Non-Deepfake Attacks

Xianbo Wang, Kaixuan Luo, and Wing Cheong Lau

Black Hat USA Briefings, 2023

Abs Bib Website Video

Face recognition is increasingly popular in mobile apps, especially for critical tasks like opening a bank account. To prevent identity spoof using injected images, liveness detection is crucial. This is particularly important due to the widespread availability of stolen identity documents and selfies on the black market. While many researchers have studied deepfake or presentation attacks that target machine learning models, few have addressed the protocol design or implementation issues in face recognition systems that can enable low-cost and easy-to-scale attacks. Starting from several real-world incidents of non-deepfake attacks, we will delve into the technical aspect of mobile face recognition spoofing. Our analysis of 18 mobile face recognition libraries, including those from industry leaders, reveals their security flaws that can result in liveness detection bypasses. After scanning more than 18,000 apps, we discovered approximately 1,000 apps that had face recognition libraries and a total of 100 million downloads. We conducted proof-of-concept identity forgery attacks against several popular apps. Without presenting in camera, we were able to complete identity verification by using only static photos of the "victim". Finally, we will provide reference protocol for secure face recognition systems in mobile apps, along with security caveats for implementation. With this talk, we hope to draw the community’s attention back on to the system security in the era of AI.
@article{LivingDeadBHUSA, title = {The Living Dead: Hacking Mobile Face Recognition SDKs with Non-Deepfake Attacks}, author = {Wang, Xianbo and Luo, Kaixuan and Lau, Wing Cheong}, journal = {Black Hat USA Briefings}, year = {2023}, video = {https://www.youtube.com/watch?v=nPE2AjNB2sI}, }

2022

NDSS
PHYjacking: Physical Input Hijacking for Zero-Permission Authorization Attacks on Android

Xianbo Wang, Shangcheng Shi, Yikang Chen, and 1 more author

Proceedings Network and Distributed System Security Symposium, 2022

Abs Bib PDF Website

Nowadays, most mobile devices are equipped with various hardware interfaces such as touchscreen, fingerprint scanner, camera and microphone to capture inputs from the user. Many mobile apps use these physical interfaces to receive user-input for authentication/authorization operations including one-click login, fingerprint-based payment approval, and face/voice unlocking. In this paper, we investigate the so-called PHYjacking attack where a victim is misled by a zero-permission malicious app to feed physical inputs to different hardware interfaces on a mobile device to result in unintended authorization. We analyze the protection mechanisms in Android for different types of physical input interfaces and introduce new techniques to bypass them. Specifically, we identify weaknesses in the existing protection schemes for the related system APIs and observe common pitfalls when apps implement physical-input-based authorization. Worse still, we discover a race-condition bug in Android that can be exploited even when app-based mitigations are properly implemented. Based on these findings, we introduce fingerprint-jacking and facejacking techniques and demonstrate their impact on real apps. We also discuss the feasibility of launching similar attacks against NFC and microphone inputs, as well as effective tapjacking attacks against Single Sign-On apps. We have designed a static analyzer to examine 3000+ real-world apps and find 44% of them contain PHYjacking-related implementation flaws. We demonstrate the practicality and potential impact of PHYjacking via proof-of-concept implementations which enable unauthorized money transfer on a payment app with over 800 million users, user-privacy leak from a social media app with over 400 million users and escalating app permissions in Android 11.
@article{Wang2022PHYjackingPI, title = {PHYjacking: Physical Input Hijacking for Zero-Permission Authorization Attacks on Android}, author = {Wang, Xianbo and Shi, Shangcheng and Chen, Yikang and Lau, Wing Cheong}, journal = {Proceedings Network and Distributed System Security Symposium}, year = {2022}, }

2021

USENIX
Scalable Detection of Promotional Website Defacements in Black Hat {SEO} Campaigns

Ronghai Yang*, Xianbo Wang*, Cheng Chi, and 4 more authors
* indicates equal contribution
In 30th USENIX Security Symposium (USENIX Security 21), 2021

Abs Bib PDF Slides

Miscreants from online underground economies regularly exploit website vulnerabilities and inject fraudulent content into victim web pages to promote illicit goods and services. Scalable detection of such promotional website defacements remains an open problem despite their prevalence in Black Hat Search Engine Optimization (SEO) campaigns. Adversaries often manage to inject content in a stealthy manner by obfuscating the description of illicit products and/or the presence of defacements to make them undetectable. In this paper, we design and implement DMoS—a Defacement Monitoring System which protects websites from promotional defacements at scale. Our design is based on two key observations: Firstly, for effective advertising, the obfuscated jargons of illicit goods or services need to be easily understood by their target customers (i.e., sharing similar shape or pronunciation). Secondly, to promote the underground business, the defacements are crafted to boost search engine ranking of the defaced web pages while trying to stay stealthy from the maintainers and legitimate users of the compromised websites. Leveraging these insights, we first follow the human convention and design a jargon normalization algorithm to map obfuscated jargons to their original forms. We then develop a tag embedding mechanism, which enables DMoS to focus more on those not-so-visually-obvious, yet site-ranking influential HTML tags (i.e., title, meta). Consequently, DMoS can reliably detect illicit content hidden in compromised web pages. In particular, we have deployed DMoS as a cloud-based monitoring service for a five-month trial run. It has analyzed more than 38 million web pages across 7000+ commercial Chinese websites and found defacements in 11% of these websites. It achieves a recall over 99% with a precision about 89%. While the original design of DMoS focuses on the detection of Chinese promotional defacements, we have extended the system and demonstrated its applicability for English website defacement detection via proof-of-concept experiments.
@inproceedings{yang2021scalable, title = {Scalable Detection of Promotional Website Defacements in Black Hat $\{$SEO$\}$ Campaigns}, author = {Yang*, Ronghai and Wang*, Xianbo and Chi, Cheng and Wang, Dawei and He, Jiawei and Pang, Siming and Lau, Wing Cheong}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, pages = {3703--3720}, year = {2021}, equal = {true}, }
ACNS
Breaking and Fixing Third-Party Payment Service for Mobile Apps

Shangcheng Shi, Xianbo Wang, and Wing Cheong Lau

In International Conference on Applied Cryptography and Network Security, 2021

Abs Bib PDF

Riding on the widespread user adoption of mobile payment, a growing number of mobile apps have integrated the service from third-party payment service providers or so-called Cashiers. Despite its prevalence and critical nature, no existing standard can guide the secure deployment of mobile payment. Thus, the protocol designs and implementations from different Cashiers are diverse. Given the complicated multi-party interactions in mobile payment, either the Cashiers or the apps may not fully consider various threat models, which enlarges the attack surface and causes the exploits with severe consequences, ranging from financial loss to privacy violations. In this paper, we perform an in-depth security analysis of real-world third-party payment services for mobile apps. Specifically, we examine the mobile payment systems from five top-tier Cashiers that serve over one billion users globally. Leveraging insecure protocol designs and practical implementation flaws, e.g., vulnerable backend SDKs for mobile apps, we have discovered six types of exploits. These exploits enable the attacker to violate user privacy and shop for free in the victim apps, affecting millions of users. Finally, we propose the fixings to defend against these exploits. We have shared our findings with the affected Cashiers and got their positive responses.
@inproceedings{shi2021breaking, title = {Breaking and Fixing Third-Party Payment Service for Mobile Apps}, author = {Shi, Shangcheng and Wang, Xianbo and Lau, Wing Cheong}, booktitle = {International Conference on Applied Cryptography and Network Security}, pages = {3--26}, year = {2021}, organization = {Springer}, }
SecureComm
An Empirical Study on Mobile Payment Credential Leaks and Their Exploits

Shangcheng Shi, Xianbo Wang, Kyle Zeng, and 2 more authors

In International Conference on Security and Privacy in Communication Systems, 2021

Abs Bib PDF

Recently, mobile apps increasingly integrate with payment services, enabling the user to pay orders with a third-party payment service provider, namely Cashier. During the payment process, both the app and Cashier rely on some credentials to secure the service. Despite the importance, many developers tend to overlook the protection of payment credentials and inadvertently expose them to the wild. Such leaks severely affect the security of end-users and the merchants associated with the apps, resulting in privacy violations and actual financial loss. In this paper, we study the payment credential leaks for four top-tiered Cashiers that serve over one billion users and tens of millions of merchants globally. Through studying practical mobile payment systems, we identify new leaking sources of payment credentials and find 4 types of exploits with severe consequences, which are caused by the credential leaks and additional implementation flaws. Besides, we design an automatic tool, PayKeyMiner, and use it to discover around 20,000 leaked payment credentials, affecting thousands of apps. We have reported our findings to the Cashiers. All of them have confirmed the issue and pledged to notify the affected merchant apps, while some of these apps have updated the leaked payment credentials afterward.
@inproceedings{shi2021empirical, title = {An Empirical Study on Mobile Payment Credential Leaks and Their Exploits}, author = {Shi, Shangcheng and Wang, Xianbo and Zeng, Kyle and Yang, Ronghai and Lau, Wing Cheong}, booktitle = {International Conference on Security and Privacy in Communication Systems}, pages = {79--98}, year = {2021}, organization = {Springer}, }
Black Hat
Mining and Exploiting (Mobile) Payment Credential Leaks in the Wild

Shangcheng Shi, Xianbo Wang, and Wing Cheong Lau

Black Hat Asia Briefings, 2021

Abs Bib PDF Slides

Over the past decade, an increasing number of mobile apps have integrated the third-party payment function from service providers or so-called Cashiers. Thus, end-users can perform the payment within the smartphone through these Cashiers readily. To secure their services, the Cashiers define various payment credentials, e.g., PKCS#12 certificates, and share them with mobile apps for authentication and authorization operations, such as refund. Despite the security-critical nature of these payment credentials, the existing works focus on the specific credential leaks from known sources, e.g., Android APKs or GitHub. In contrast, little effort has been spent to study the prevalence of payment credential leaks in the wild and their security impacts. In this talk, we begin by giving the background of the mobile payment service from four first-tier Cashiers that serve over 1 billion users globally. After that, we introduce the potential leaking sources of the payment credentials, including the new ones that have not been investigated on a large scale before. For example, we find that the backend servers of mobile apps can expose payment credentials to the public inadvertently. Then, we describe four exploits enabled by the payment credential leaks when combining other implementation flaws. These exploits all bring about serious consequences, ranging from direct financial loss to the mobile apps to privacy violations for end-users. Specifically, with the leaked payment credentials, the attacker may steal money from the account of the mobile apps directly and obtain all the user payment records. Further, we design and implement an automatic tool to conduct credential mining from public VCS and APKs at a market scale. Consequently, we discovered around 20,000 leaked payment credentials, affecting thousands of apps and millions of end-users. We have made the responsible disclosure to the Cashiers, and some leaking apps revoked their credentials afterward.
@article{PaymentBH2021, title = {Mining and Exploiting (Mobile) Payment Credential Leaks in the Wild}, author = {Shi, Shangcheng and Wang, Xianbo and Lau, Wing Cheong}, journal = {Black Hat Asia Briefings}, year = {2021}, }

2020

Evading Web Application Firewalls with Reinforcement Learning

Xianbo Wang, and Han Hu

Technical Report, 2020

Abs Bib PDF

Web Application Firewalls (WAF) are widely deployed to protect web servers from security threats like SQL injections. WAF products employ various techniques, e.g., syntax signature and machine learning, to detect and block suspicious web traffics. However, no WAF can be absolutely secure, there are always space for adversaries to craft malicious messages that can evade the detection. In the past, most evasion techniques are developed manually, which requires labour and intelligence. In this work, we propose to explore the possibility of automating the process of WAF evasion using reinforcement learning. We created a reinforcement learning environment (based on OpenAI gym) for WAF evasion tasks and evaluate various mainstream WAF products with Proximal Policy Optimization (PPO) algorithm. Our framework successfully discovered numbers of evasion payloads for each WAF in our experiments and can significantly outperform baseline policy. Finally, we extract common patterns from the discovered evasion payloads and discuss weaknesses/flaws of existing WAF products as well as suggested improvements.
@article{Wang2020EvadingWA, title = {Evading Web Application Firewalls with Reinforcement Learning}, author = {Wang, Xianbo and Hu, Han}, journal = {Technical Report}, year = {2020}, }
Black Hat
Fingerprint-Jacking: Practical Fingerprint Authorization Hijacking in Android Apps

Xianbo Wang, Yikang Chen, Ronghai Yang, and 2 more authors

Black Hat Europe Briefings, 2020

Abs Bib Slides Video

Many mobile devices carry a fingerprint scanner nowadays. Mobile apps utilize the fingerprint scanner to facilitate operations such as account login and payment authorization. Despite its security-critical nature, relatively little effort has been devoted to the security analysis of fingerprint scanner, especially from the system security aspect. In this paper, we introduce fingerprint-jacking, a type of User-Interface-based (UI) attack that targets fingerprint hijacking in Android apps. We coin the term from clickjacking, as our attack also conceals the original interface beneath a fake covering. Specifically, we discover five novel attack techniques, all of which can be launched from zero-permission malicious apps and some can even bypass the latest countermeasures in Android 9+. Our race-attack is effective against all apps that integrate the fingerprint API. As apps’ implementation flaws intensify the fingerprint-jacking vulnerability, we have designed a static analyzer to efficiently identify apps with implementation flaws that can lead to fingerprint-jacking. In our evaluation of 1630 Android apps that utilize the fingerprint API, we found 347 (21.3%) apps with different implementation issues. We have successfully performed proof-of-concept attacks on some popular apps, including stealing money via a payment app with over 100,000,000 users, gaining root access in the most widely used root manager app, and much more. We have also reported related vulnerability to Google, which is identified as CVE-2020-27059 and will be fixed in next Android patch release. Finally, we give guidance to Android app developers for secure fingerprint implementation.
@article{FingerjackingBH2020, title = {Fingerprint-Jacking: Practical Fingerprint Authorization Hijacking in Android Apps}, author = {Wang, Xianbo and Chen, Yikang and Yang, Ronghai and Shi, Shangcheng and Lau, Wing Cheong}, journal = {Black Hat Europe Briefings}, year = {2020}, video = {https://www.youtube.com/watch?v=P5VAwTEIte0} }

2019

AsiaCCS
MoSSOT: An automated blackbox tester for single sign-on vulnerabilities in mobile applications

Shangcheng Shi, Xianbo Wang, and Wing Cheong Lau

In Proceedings of the ACM Asia Conference on Computer and Communications Security, 2019

Abs Bib PDF Code

Mobile applications today increasingly integrate Single Sign-On (SSO) into their account management mechanisms. Unfortunately, the involved multi-party protocol, i.e., OAuth 2.0, was originally designed to serve websites for authorization purpose. Due to the complexity of the adapted protocol, a large number of insecure SSO implementations still exist in the wild. Although the security testing for real-world SSO deployments has attracted considerable attention in recent years, existing work either focuses on websites or relies on the manual discovery of specific and previously-known vulnerabilities. In the paper, we design and implement MoSSOT (Mobile SSO Tester), an automated blackbox security testing tool for Android applications utilizing the SSO services from three mainstream service providers. The tool detects the vulnerabilities within the practical SSO implementations by fuzzing related network messages. We used MoSSOT to examine over 500 first-tier third-party Android applications from US and Chinese app markets. According to the test result, around 72% of the tested applications incorrectly implement SSO and are thus vulnerable. Besides, our test identifies an unknown vulnerability as well as a new variant, in addition to four known ones. The vulnerabilities enable the attacker to illegally log into the mobile applications as the victims or gain access to the protected resources. MoSSOT has been released as an open-source project.
@inproceedings{shi2019mossot, title = {MoSSOT: An automated blackbox tester for single sign-on vulnerabilities in mobile applications}, author = {Shi, Shangcheng and Wang, Xianbo and Lau, Wing Cheong}, booktitle = {Proceedings of the ACM Asia Conference on Computer and Communications Security}, pages = {269--282}, year = {2019}, }
Black Hat
Make Redirection Evil Again: URL Parser Issues in OAuth

Xianbo Wang, Shangcheng Shi, Ronghai Yang, and 1 more author

Black Hat Asia Briefings, 2019

Abs Bib PDF Code Slides

Since 2012, OAuth 2.0 has been widely deployed by online service providers worldwide. Security-related headlines related to OAuth showed up from time to time, and most problems were caused by incorrect implementations of the protocol. The User-Agent Redirection mechanism in OAuth is one of the weaker links as it is difficult for developers and operators to realize, understand and implement all the subtle but critical requirements properly. In this talk, we begin by tracing the history of the security community’s understanding of OAuth redirection threats. The resultant evolution of the OAuth specification, as well as the best current practice on its implementation, will also be discussed. We then introduce new OAuth redirection attack techniques which exploit the interaction of URL parsing problems with redirection handling in mainstream browsers or mobile apps. In particular, some attacks leverage our newly discovered URL interpretation bugs in mainstream browsers or Android platform (The latter were independently discovered and have been patched recently). Our empirical study on 50 OAuth service providers worldwide found that numerous top-tiered providers with over 10,000 OAuth client apps and 10’s of millions of end-users are vulnerable to this new attack with severe impact. In particular, it enables the attacker to hijack 3rd party (Relying party) application accounts, gain access to sensitive private information, or even perform privileged actions on behalf of the victim users.
@article{RedirectionBH2019, title = {Make Redirection Evil Again: URL Parser Issues in OAuth}, author = {Wang, Xianbo and Shi, Shangcheng and Yang, Ronghai and Lau, Wing Cheong}, journal = {Black Hat Asia Briefings}, year = {2019}, }