Explore a comprehensive analysis of Intent Message vulnerabilities in Android applications in this 17-minute Black Hat conference talk. Delve into the identification of common programming malpractices that introduce security flaws, and learn about the development of an effective static analyzer for automatic vulnerability detection. Discover how the research team demonstrates the real-world exploitability of these vulnerabilities through automatic payload generation. Gain insights into the formal approach used to reproduce dangerous behaviors in vulnerable apps, and understand the implications of insufficient sanity checks when receiving messages from unknown sources. Cover topics including Android components, attack models, UI targets, databases, remote target attacks, formal analysis, static analysis, and validation results.