Experimental android hacking using reflection
Upcoming SlideShare
Loading in...5
×
 

Experimental android hacking using reflection

on

  • 1,550 views

Describe a hacking using JAVA reflection which is useful for various experiments

Describe a hacking using JAVA reflection which is useful for various experiments

Statistics

Views

Total Views
1,550
Slideshare-icon Views on SlideShare
1,550
Embed Views
0

Actions

Likes
0
Downloads
3
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Experimental android hacking using reflection Experimental android hacking using reflection Presentation Transcript

    • Experimental Android Hacking Using Reflection SeongJae Park, Heon Yeom, Seoul National University
    • Hidden Android Features Unsecure, Or Unmatured Features Hidden From Developers Need Such Features On Lots Of Researching
    • Rooting / System Modification ● Pros ○ Able to Use Hidden Features ○ No Limitation At All ● Cons ○ Environment Is Different With Real Market Device
    • How Android Hide Features 3rd Party Application Use SDK Framework Interface Built-in Application Uses Built-in Framework Interface SDK Framework Interface != Built-in Framework Interface
    • Android Basic Structure 3rd Party Developer Application Built-in Application SDK Framework Interface Built-in Framework Interface On-Device Framework Binder System Process System Process Device System Process
    • Java Reflection ● Examine or Modify Behavior Of Application ○ Type Checking ○ Debugging ○ Test
    • Java Reflection ● Pros ○ Unlimited Freedom ● Cons ○ Performance Overhead ○ Weak Security Available ○ Unexpected Side-Effect
    • Android Hacking Using Reflection Change SDK Framework Interface into OnDevice Framework Interface 3rd Party Developer Application Built-in Application SDK Framework Interface Built-in Framework Interface Reflection On-Device Framework
    • Android Hacking Using Reflection TelephonyMaanger telephonyManager = (TelephonyManager)getSystemService( Context.TELEPHONY_SERVICE); try { Class c = Class.forName(telephonyManager. getClass().getName()); Method m = c.getDeclaredMethod("getITelephony"); m.setAccessible(true); ITelephony telephony = (ITelephony)m.invoke( telephonyManager); telephony.endCall(); } catch (Throwable e) {}
    • Restriction Of Reflection Using Hack ● Performance Overhead ● May Not Success On Every Machine ○ Manufacturer’s Device Use Modified Android ● May Not Success On Latest Android