Experimental Android
Hacking Using Reflection
SeongJae Park, Heon Yeom,
Seoul National University
Hidden Android Features
Unsecure, Or Unmatured Features Hidden
From Developers
Need Such Features On Lots Of Researching
Rooting / System Modification
● Pros
○ Able to Use Hidden Features
○ No Limitation At All

● Cons
○ Environment Is Differe...
How Android Hide Features
3rd Party Application Use SDK Framework
Interface
Built-in Application Uses Built-in Framework
I...
Android Basic Structure
3rd Party Developer
Application

Built-in Application

SDK Framework Interface

Built-in Framework...
Java Reflection
● Examine or Modify Behavior Of Application
○ Type Checking
○ Debugging
○ Test
Java Reflection
● Pros
○ Unlimited Freedom

● Cons
○ Performance Overhead
○ Weak Security Available
○ Unexpected Side-Effe...
Android Hacking Using Reflection
Change SDK Framework Interface into OnDevice Framework Interface
3rd Party Developer
Appl...
Android Hacking Using Reflection
TelephonyMaanger telephonyManager =
(TelephonyManager)getSystemService(
Context.TELEPHONY...
Restriction Of Reflection Using Hack
● Performance Overhead
● May Not Success On Every Machine
○ Manufacturer’s Device Use...
Upcoming SlideShare
Loading in...5
×

Experimental android hacking using reflection

2,970

Published on

Describe a hacking using JAVA reflection which is useful for various experiments

Published in: Technology, Education
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,970
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
23
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Experimental android hacking using reflection

  1. 1. Experimental Android Hacking Using Reflection SeongJae Park, Heon Yeom, Seoul National University
  2. 2. Hidden Android Features Unsecure, Or Unmatured Features Hidden From Developers Need Such Features On Lots Of Researching
  3. 3. Rooting / System Modification ● Pros ○ Able to Use Hidden Features ○ No Limitation At All ● Cons ○ Environment Is Different With Real Market Device
  4. 4. How Android Hide Features 3rd Party Application Use SDK Framework Interface Built-in Application Uses Built-in Framework Interface SDK Framework Interface != Built-in Framework Interface
  5. 5. Android Basic Structure 3rd Party Developer Application Built-in Application SDK Framework Interface Built-in Framework Interface On-Device Framework Binder System Process System Process Device System Process
  6. 6. Java Reflection ● Examine or Modify Behavior Of Application ○ Type Checking ○ Debugging ○ Test
  7. 7. Java Reflection ● Pros ○ Unlimited Freedom ● Cons ○ Performance Overhead ○ Weak Security Available ○ Unexpected Side-Effect
  8. 8. Android Hacking Using Reflection Change SDK Framework Interface into OnDevice Framework Interface 3rd Party Developer Application Built-in Application SDK Framework Interface Built-in Framework Interface Reflection On-Device Framework
  9. 9. Android Hacking Using Reflection TelephonyMaanger telephonyManager = (TelephonyManager)getSystemService( Context.TELEPHONY_SERVICE); try { Class c = Class.forName(telephonyManager. getClass().getName()); Method m = c.getDeclaredMethod("getITelephony"); m.setAccessible(true); ITelephony telephony = (ITelephony)m.invoke( telephonyManager); telephony.endCall(); } catch (Throwable e) {}
  10. 10. Restriction Of Reflection Using Hack ● Performance Overhead ● May Not Success On Every Machine ○ Manufacturer’s Device Use Modified Android ● May Not Success On Latest Android
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×