Experimental android hacking using reflection
•
5 gefällt mir•5,263 views
Describe a hacking using JAVA reflection which is useful for various experiments
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Andere mochten auch
Andere mochten auch (20)
Ähnlich wie Experimental android hacking using reflection
Ähnlich wie Experimental android hacking using reflection (20)
Mehr von SeongJae Park
Mehr von SeongJae Park (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Experimental android hacking using reflection
- 1. Experimental Android Hacking Using Reflection SeongJae Park, Heon Yeom, Seoul National University
- 2. Hidden Android Features Unsecure, Or Unmatured Features Hidden From Developers Need Such Features On Lots Of Researching
- 3. Rooting / System Modification ● Pros ○ Able to Use Hidden Features ○ No Limitation At All ● Cons ○ Environment Is Different With Real Market Device
- 4. How Android Hide Features 3rd Party Application Use SDK Framework Interface Built-in Application Uses Built-in Framework Interface SDK Framework Interface != Built-in Framework Interface
- 5. Android Basic Structure 3rd Party Developer Application Built-in Application SDK Framework Interface Built-in Framework Interface On-Device Framework Binder System Process System Process Device System Process
- 6. Java Reflection ● Examine or Modify Behavior Of Application ○ Type Checking ○ Debugging ○ Test
- 7. Java Reflection ● Pros ○ Unlimited Freedom ● Cons ○ Performance Overhead ○ Weak Security Available ○ Unexpected Side-Effect
- 8. Android Hacking Using Reflection Change SDK Framework Interface into OnDevice Framework Interface 3rd Party Developer Application Built-in Application SDK Framework Interface Built-in Framework Interface Reflection On-Device Framework
- 9. Android Hacking Using Reflection TelephonyMaanger telephonyManager = (TelephonyManager)getSystemService( Context.TELEPHONY_SERVICE); try { Class c = Class.forName(telephonyManager. getClass().getName()); Method m = c.getDeclaredMethod("getITelephony"); m.setAccessible(true); ITelephony telephony = (ITelephony)m.invoke( telephonyManager); telephony.endCall(); } catch (Throwable e) {}
- 10. Restriction Of Reflection Using Hack ● Performance Overhead ● May Not Success On Every Machine ○ Manufacturer’s Device Use Modified Android ● May Not Success On Latest Android