src/ht-webkit-Android4-src/SUPPORT_INSTALL
This Android remote exploit targets the default browser installed on
Android 4 devices up to version 4.3.*.
In order for the exploit to be effective, customers must provide an
URL that the target's browser will automatically load after successful
exploitation or in case of error.
Customers must as well provide the Apk that will be installed on
target's device, upon a successful execution of the exploit. Such a
file can be generated directly from the RCS console by selecting a
mobile factory, clicking on "Build", selecting "Installation
Package" -> "Android" -> "Create..." and extracting the file called
<name>.v2.apk from the generated zip archive.
HT will then provide a URL where the exploit is hosted. A link
pointing to the exploit can finally be sent to the target, for
instance via sms or email. The full exploit will be served exclusively
to Android 4.0.*-4.3.* devices. If the exploit URL is visited from a
different browser or device no payload will be executed and the
redirect will happen immediately.
Kind regards