SlideShare ist ein Scribd-Unternehmen logo

DefCamp 2013 - Android hacking techniques

DefCamp
DefCamp
TechnologieNews & Politik
1 von 14
Downloaden Sie, um offline zu lesen
Android hacking techniques Marius Barat Alexandru Citea Bitdefender Anti-Malware Laboratories, Romˆnia a Nov 30th, 2013 Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 1 / 14
Agenda 1 Motivation Global devices evolution Operating systems market share 2 Repackaging an APK What is a repackage? White hat Grey hat Black hat Android repackaging. The on-device way 3 Applovin/Vulna vulnerability 4 Questions & Answers Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 2 / 14
1. Motivation Marius Barat Alexandru Citea 1.1. Global devices evolution Android hacking techniques Nov 30th, 2013 3 / 14
1. Motivation 1.2. Operating systems market share International Data Corporation (IDC) - Smartphones OS statistics Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 4 / 14
2. Repackaging an APK 2.1. What is a repackage? Decompile or Disassemble the APK Modify the smali/java code Add new functionalities and new resources Adjust permissions Repack and Resign the APK Tools: ApkTool, APK OneClick Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 5 / 14
2. Repackaging an APK 2.2. White hat Cheetah Theme for Facebook Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 6 / 14
2. Repackaging an APK 2.2. White hat Green W Socialize for Facebook Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 7 / 14
2. Repackaging an APK 2.3. Grey hat Add a new Advertising SDK Change the Advertiser ID from the original app Most used adware SDKs: Airpush Apperhand InMobi Leadbolt Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 8 / 14
2. Repackaging an APK 2.4. Black hat More than 1 percent of some 420,646 apps are stolen from other developers and re-engineered for illicit gains Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 9 / 14
2. Repackaging an APK 2.4. Black hat The original application developer loses a lot of money and client The repackaged app is often distributed as a free app: contains Advertising SDKs contains code for stealing sensitive data from the device Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 10 / 14
2. Repackaging an APK 2.4. Black hat Having enough permissions, even if the device is not rooted, sensitive data can be stolen: Mail accounts, passwords and mails are located in: Data/data/com.android.email/databases/EmailProvider.db Facebook messages, contacts, photos urls are located in: Data/data/com.facebook.katana/databases in databases: contacts db2, threads db2 Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 11 / 14
2. Repackaging an APK 2.5. Android repackaging. The on-device way Modify on-the-system apks to inject a payload Repack and resign, replace the original apk Possibly clean your own app of the payload (repackage yourself after injection without the malicious code) The payload could represent anything. you can easily modify permissions to give yourself more access Do that without actually implementing the unpacker and root access exploit yourself Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 12 / 14
3. Applovin/Vulna vulnerability Applovin/Vulna vulnerability Advertising framework Vulnerable versions: 2.0.74 through 5.0.3 The update process has no authentication mechanism Update performed via HTTP protocol The APK that the app uses for update can be replaced with a custom one Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 13 / 14
4. Questions & Answers Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 14 / 14

Empfohlen

soFrida Dynamic Analysis Tool for Mobile Apps with Cloud Backend
soFrida Dynamic Analysis Tool for Mobile Apps with Cloud BackendsoFrida Dynamic Analysis Tool for Mobile Apps with Cloud Backend
soFrida Dynamic Analysis Tool for Mobile Apps with Cloud BackendJune Park
 
The real incident of stealing a droid app+data
The real incident of stealing a droid app+dataThe real incident of stealing a droid app+data
The real incident of stealing a droid app+dataAkash Mahajan
 
[CB20] LogonTracer v1.5 + Elasticsearch = Real-time AD Log Analysis System by...
[CB20] LogonTracer v1.5 + Elasticsearch = Real-time AD Log Analysis System by...[CB20] LogonTracer v1.5 + Elasticsearch = Real-time AD Log Analysis System by...
[CB20] LogonTracer v1.5 + Elasticsearch = Real-time AD Log Analysis System by...CODE BLUE
 
BYOD and Security Trends
BYOD and Security TrendsBYOD and Security Trends
BYOD and Security TrendsCisco Russia
 
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
[CB20] Explainable malicious domain diagnosis by Tsuyoshi TaniguchiCODE BLUE
 
Declaración anual México 2016
Declaración anual México 2016Declaración anual México 2016
Declaración anual México 2016Rankia
 
Mobile App Security Testing
Mobile App Security TestingMobile App Security Testing
Mobile App Security TestingSarwar Jahan M
 
From Reversing to Exploitation
From Reversing to ExploitationFrom Reversing to Exploitation
From Reversing to ExploitationSatria Ady Pradana
 

Empfohlen

soFrida Dynamic Analysis Tool for Mobile Apps with Cloud Backend
soFrida Dynamic Analysis Tool for Mobile Apps with Cloud BackendsoFrida Dynamic Analysis Tool for Mobile Apps with Cloud Backend
soFrida Dynamic Analysis Tool for Mobile Apps with Cloud BackendJune Park
 
The real incident of stealing a droid app+data
The real incident of stealing a droid app+dataThe real incident of stealing a droid app+data
The real incident of stealing a droid app+dataAkash Mahajan
 
[CB20] LogonTracer v1.5 + Elasticsearch = Real-time AD Log Analysis System by...
[CB20] LogonTracer v1.5 + Elasticsearch = Real-time AD Log Analysis System by...[CB20] LogonTracer v1.5 + Elasticsearch = Real-time AD Log Analysis System by...
[CB20] LogonTracer v1.5 + Elasticsearch = Real-time AD Log Analysis System by...CODE BLUE
 
BYOD and Security Trends
BYOD and Security TrendsBYOD and Security Trends
BYOD and Security TrendsCisco Russia
 
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi[CB20] Explainable malicious domain diagnosis by Tsuyoshi Taniguchi
[CB20] Explainable malicious domain diagnosis by Tsuyoshi TaniguchiCODE BLUE
 
Declaración anual México 2016
Declaración anual México 2016Declaración anual México 2016
Declaración anual México 2016Rankia
 
Mobile App Security Testing
Mobile App Security TestingMobile App Security Testing
Mobile App Security TestingSarwar Jahan M
 
From Reversing to Exploitation
From Reversing to ExploitationFrom Reversing to Exploitation
From Reversing to ExploitationSatria Ady Pradana
 
IEEE Day 2013 - Reverse Engineering an Android Application
IEEE Day 2013 - Reverse Engineering an Android ApplicationIEEE Day 2013 - Reverse Engineering an Android Application
IEEE Day 2013 - Reverse Engineering an Android ApplicationRufatet Babakishiyev
 
Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Satheesh Kumar V
 
IRJET- Secure Android Application Development and Security Assessment
IRJET- Secure Android Application Development and Security AssessmentIRJET- Secure Android Application Development and Security Assessment
IRJET- Secure Android Application Development and Security AssessmentIRJET Journal
 
From Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceFrom Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceSatria Ady Pradana
 
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle BotbolAPIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbolapidays
 
Android Vulnerability: Fake ID
Android Vulnerability: Fake ID Android Vulnerability: Fake ID
Android Vulnerability: Fake ID Blueboxer2014
 
Securing android applications
Securing android applicationsSecuring android applications
Securing android applicationsJose Manuel Ortega Candel
 
Droidcon Greece '15 - Reverse Engineering in Android: Countermeasures and Tools
Droidcon Greece '15 - Reverse Engineering in Android: Countermeasures and ToolsDroidcon Greece '15 - Reverse Engineering in Android: Countermeasures and Tools
Droidcon Greece '15 - Reverse Engineering in Android: Countermeasures and ToolsDario Incalza
 
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014viaForensics
 
Introduction to android
Introduction to androidIntroduction to android
Introduction to androidbantyder
 
Pentestflashkeybpardpaper
PentestflashkeybpardpaperPentestflashkeybpardpaper
PentestflashkeybpardpaperAndrey Apuhtin
 
Null mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-ExploitationNull mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-ExploitationNitesh Malviya
 
Android malware presentation
Android malware presentationAndroid malware presentation
Android malware presentationSandeep Joshi
 
Mobile binary code - Attack Tree and Mitigation
Mobile binary code - Attack Tree and MitigationMobile binary code - Attack Tree and Mitigation
Mobile binary code - Attack Tree and MitigationSunil Paudel
 
FRIDA 101 Android
FRIDA 101 AndroidFRIDA 101 Android
FRIDA 101 AndroidTony Thomas
 
Android-Chapter01-Intro.pptx
Android-Chapter01-Intro.pptxAndroid-Chapter01-Intro.pptx
Android-Chapter01-Intro.pptxMonika Poriye
 
DIY, Wearables and Empowerment
DIY, Wearables and EmpowermentDIY, Wearables and Empowerment
DIY, Wearables and EmpowermentZoe Romano
 
Ambient Intelligence
Ambient IntelligenceAmbient Intelligence
Ambient IntelligenceRam Inamdar
 
YuryMakedonov_TesTrek2013_AndroidTesting_12u_slides
YuryMakedonov_TesTrek2013_AndroidTesting_12u_slidesYuryMakedonov_TesTrek2013_AndroidTesting_12u_slides
YuryMakedonov_TesTrek2013_AndroidTesting_12u_slidesYury M
 
Null Dubai Humla_Romansh_Yadav_Android_app_pentesting
Null Dubai Humla_Romansh_Yadav_Android_app_pentestingNull Dubai Humla_Romansh_Yadav_Android_app_pentesting
Null Dubai Humla_Romansh_Yadav_Android_app_pentestingRomansh Yadav
 
Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht HackingDefCamp
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp
 

Weitere ähnliche Inhalte

Ähnlich wie DefCamp 2013 - Android hacking techniques

IEEE Day 2013 - Reverse Engineering an Android Application
IEEE Day 2013 - Reverse Engineering an Android ApplicationIEEE Day 2013 - Reverse Engineering an Android Application
IEEE Day 2013 - Reverse Engineering an Android ApplicationRufatet Babakishiyev
 
Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Satheesh Kumar V
 
IRJET- Secure Android Application Development and Security Assessment
IRJET- Secure Android Application Development and Security AssessmentIRJET- Secure Android Application Development and Security Assessment
IRJET- Secure Android Application Development and Security AssessmentIRJET Journal
 
From Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceFrom Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceSatria Ady Pradana
 
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle BotbolAPIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbolapidays
 
Android Vulnerability: Fake ID
Android Vulnerability: Fake ID Android Vulnerability: Fake ID
Android Vulnerability: Fake ID Blueboxer2014
 
Droidcon Greece '15 - Reverse Engineering in Android: Countermeasures and Tools
Droidcon Greece '15 - Reverse Engineering in Android: Countermeasures and ToolsDroidcon Greece '15 - Reverse Engineering in Android: Countermeasures and Tools
Droidcon Greece '15 - Reverse Engineering in Android: Countermeasures and ToolsDario Incalza
 
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014viaForensics
 
Introduction to android
Introduction to androidIntroduction to android
Introduction to androidbantyder
 
Pentestflashkeybpardpaper
PentestflashkeybpardpaperPentestflashkeybpardpaper
PentestflashkeybpardpaperAndrey Apuhtin
 
Null mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-ExploitationNull mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-ExploitationNitesh Malviya
 
Android malware presentation
Android malware presentationAndroid malware presentation
Android malware presentationSandeep Joshi
 
Mobile binary code - Attack Tree and Mitigation
Mobile binary code - Attack Tree and MitigationMobile binary code - Attack Tree and Mitigation
Mobile binary code - Attack Tree and MitigationSunil Paudel
 
FRIDA 101 Android
FRIDA 101 AndroidFRIDA 101 Android
FRIDA 101 AndroidTony Thomas
 
Android-Chapter01-Intro.pptx
Android-Chapter01-Intro.pptxAndroid-Chapter01-Intro.pptx
Android-Chapter01-Intro.pptxMonika Poriye
 
DIY, Wearables and Empowerment
DIY, Wearables and EmpowermentDIY, Wearables and Empowerment
DIY, Wearables and EmpowermentZoe Romano
 
Ambient Intelligence
Ambient IntelligenceAmbient Intelligence
Ambient IntelligenceRam Inamdar
 
YuryMakedonov_TesTrek2013_AndroidTesting_12u_slides
YuryMakedonov_TesTrek2013_AndroidTesting_12u_slidesYuryMakedonov_TesTrek2013_AndroidTesting_12u_slides
YuryMakedonov_TesTrek2013_AndroidTesting_12u_slidesYury M
 
Null Dubai Humla_Romansh_Yadav_Android_app_pentesting
Null Dubai Humla_Romansh_Yadav_Android_app_pentestingNull Dubai Humla_Romansh_Yadav_Android_app_pentesting
Null Dubai Humla_Romansh_Yadav_Android_app_pentestingRomansh Yadav
 

Ähnlich wie DefCamp 2013 - Android hacking techniques (20)

IEEE Day 2013 - Reverse Engineering an Android Application
IEEE Day 2013 - Reverse Engineering an Android ApplicationIEEE Day 2013 - Reverse Engineering an Android Application
IEEE Day 2013 - Reverse Engineering an Android Application
 
Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017Introduction to Android Application Security Testing - 2nd Sep 2017
Introduction to Android Application Security Testing - 2nd Sep 2017
 
IRJET- Secure Android Application Development and Security Assessment
IRJET- Secure Android Application Development and Security AssessmentIRJET- Secure Android Application Development and Security Assessment
IRJET- Secure Android Application Development and Security Assessment
 
From Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceFrom Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in Essence
 
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle BotbolAPIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
 
Android Vulnerability: Fake ID
Android Vulnerability: Fake ID Android Vulnerability: Fake ID
Android Vulnerability: Fake ID
 
Securing android applications
Securing android applicationsSecuring android applications
Securing android applications
 
Droidcon Greece '15 - Reverse Engineering in Android: Countermeasures and Tools
Droidcon Greece '15 - Reverse Engineering in Android: Countermeasures and ToolsDroidcon Greece '15 - Reverse Engineering in Android: Countermeasures and Tools
Droidcon Greece '15 - Reverse Engineering in Android: Countermeasures and Tools
 
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
 
Introduction to android
Introduction to androidIntroduction to android
Introduction to android
 
Pentestflashkeybpardpaper
PentestflashkeybpardpaperPentestflashkeybpardpaper
Pentestflashkeybpardpaper
 
Null mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-ExploitationNull mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-Exploitation
 
Android malware presentation
Android malware presentationAndroid malware presentation
Android malware presentation
 
Mobile binary code - Attack Tree and Mitigation
Mobile binary code - Attack Tree and MitigationMobile binary code - Attack Tree and Mitigation
Mobile binary code - Attack Tree and Mitigation
 
FRIDA 101 Android
FRIDA 101 AndroidFRIDA 101 Android
FRIDA 101 Android
 
Android-Chapter01-Intro.pptx
Android-Chapter01-Intro.pptxAndroid-Chapter01-Intro.pptx
Android-Chapter01-Intro.pptx
 
DIY, Wearables and Empowerment
DIY, Wearables and EmpowermentDIY, Wearables and Empowerment
DIY, Wearables and Empowerment
 
Ambient Intelligence
Ambient IntelligenceAmbient Intelligence
Ambient Intelligence
 
YuryMakedonov_TesTrek2013_AndroidTesting_12u_slides
YuryMakedonov_TesTrek2013_AndroidTesting_12u_slidesYuryMakedonov_TesTrek2013_AndroidTesting_12u_slides
YuryMakedonov_TesTrek2013_AndroidTesting_12u_slides
 
Null Dubai Humla_Romansh_Yadav_Android_app_pentesting
Null Dubai Humla_Romansh_Yadav_Android_app_pentestingNull Dubai Humla_Romansh_Yadav_Android_app_pentesting
Null Dubai Humla_Romansh_Yadav_Android_app_pentesting
 

Mehr von DefCamp

Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht HackingDefCamp
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp
 
The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of TrustDefCamp
 
Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?DefCamp
 
Bridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXDefCamp
 
Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...DefCamp
 
Drupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDefCamp
 
Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)DefCamp
 
Trust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFATrust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFADefCamp
 
Threat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical ApplicationThreat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical ApplicationDefCamp
 
Building application security with 0 money down
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money downDefCamp
 
Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...DefCamp
 
Lattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epochLattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epochDefCamp
 
The challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcareThe challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcareDefCamp
 
Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?DefCamp
 
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured DefCamp
 
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...DefCamp
 
We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.DefCamp
 
Connect & Inspire Cyber Security
Connect & Inspire Cyber SecurityConnect & Inspire Cyber Security
Connect & Inspire Cyber SecurityDefCamp
 
The lions and the watering hole
The lions and the watering holeThe lions and the watering hole
The lions and the watering holeDefCamp
 

Mehr von DefCamp (20)

Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht Hacking
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
 
The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of Trust
 
Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?
 
Bridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UX
 
Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...
 
Drupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the Attacker
 
Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)
 
Trust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFATrust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFA
 
Threat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical ApplicationThreat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical Application
 
Building application security with 0 money down
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money down
 
Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...
 
Lattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epochLattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epoch
 
The challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcareThe challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcare
 
Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?
 
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured
 
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
 
We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.
 
Connect & Inspire Cyber Security
Connect & Inspire Cyber SecurityConnect & Inspire Cyber Security
Connect & Inspire Cyber Security
 
The lions and the watering hole
The lions and the watering holeThe lions and the watering hole
The lions and the watering hole
 

Kürzlich hochgeladen

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 

Kürzlich hochgeladen (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

DefCamp 2013 - Android hacking techniques

  • 1. Android hacking techniques Marius Barat Alexandru Citea Bitdefender Anti-Malware Laboratories, Romˆnia a Nov 30th, 2013 Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 1 / 14
  • 2. Agenda 1 Motivation Global devices evolution Operating systems market share 2 Repackaging an APK What is a repackage? White hat Grey hat Black hat Android repackaging. The on-device way 3 Applovin/Vulna vulnerability 4 Questions & Answers Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 2 / 14
  • 3. 1. Motivation Marius Barat Alexandru Citea 1.1. Global devices evolution Android hacking techniques Nov 30th, 2013 3 / 14
  • 4. 1. Motivation 1.2. Operating systems market share International Data Corporation (IDC) - Smartphones OS statistics Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 4 / 14
  • 5. 2. Repackaging an APK 2.1. What is a repackage? Decompile or Disassemble the APK Modify the smali/java code Add new functionalities and new resources Adjust permissions Repack and Resign the APK Tools: ApkTool, APK OneClick Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 5 / 14
  • 6. 2. Repackaging an APK 2.2. White hat Cheetah Theme for Facebook Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 6 / 14
  • 7. 2. Repackaging an APK 2.2. White hat Green W Socialize for Facebook Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 7 / 14
  • 8. 2. Repackaging an APK 2.3. Grey hat Add a new Advertising SDK Change the Advertiser ID from the original app Most used adware SDKs: Airpush Apperhand InMobi Leadbolt Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 8 / 14
  • 9. 2. Repackaging an APK 2.4. Black hat More than 1 percent of some 420,646 apps are stolen from other developers and re-engineered for illicit gains Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 9 / 14
  • 10. 2. Repackaging an APK 2.4. Black hat The original application developer loses a lot of money and client The repackaged app is often distributed as a free app: contains Advertising SDKs contains code for stealing sensitive data from the device Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 10 / 14
  • 11. 2. Repackaging an APK 2.4. Black hat Having enough permissions, even if the device is not rooted, sensitive data can be stolen: Mail accounts, passwords and mails are located in: Data/data/com.android.email/databases/EmailProvider.db Facebook messages, contacts, photos urls are located in: Data/data/com.facebook.katana/databases in databases: contacts db2, threads db2 Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 11 / 14
  • 12. 2. Repackaging an APK 2.5. Android repackaging. The on-device way Modify on-the-system apks to inject a payload Repack and resign, replace the original apk Possibly clean your own app of the payload (repackage yourself after injection without the malicious code) The payload could represent anything. you can easily modify permissions to give yourself more access Do that without actually implementing the unpacker and root access exploit yourself Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 12 / 14
  • 13. 3. Applovin/Vulna vulnerability Applovin/Vulna vulnerability Advertising framework Vulnerable versions: 2.0.74 through 5.0.3 The update process has no authentication mechanism Update performed via HTTP protocol The APK that the app uses for update can be replaced with a custom one Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 13 / 14
  • 14. 4. Questions & Answers Marius Barat Alexandru Citea Android hacking techniques Nov 30th, 2013 14 / 14