Experimental android hacking using reflection
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

Experimental android hacking using reflection

  • 2,468 views
Uploaded on

Describe a hacking using JAVA reflection which is useful for various experiments

Describe a hacking using JAVA reflection which is useful for various experiments

More in: Technology , Education
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
2,468
On Slideshare
2,468
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
10
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Experimental Android Hacking Using Reflection SeongJae Park, Heon Yeom, Seoul National University
  • 2. Hidden Android Features Unsecure, Or Unmatured Features Hidden From Developers Need Such Features On Lots Of Researching
  • 3. Rooting / System Modification ● Pros ○ Able to Use Hidden Features ○ No Limitation At All ● Cons ○ Environment Is Different With Real Market Device
  • 4. How Android Hide Features 3rd Party Application Use SDK Framework Interface Built-in Application Uses Built-in Framework Interface SDK Framework Interface != Built-in Framework Interface
  • 5. Android Basic Structure 3rd Party Developer Application Built-in Application SDK Framework Interface Built-in Framework Interface On-Device Framework Binder System Process System Process Device System Process
  • 6. Java Reflection ● Examine or Modify Behavior Of Application ○ Type Checking ○ Debugging ○ Test
  • 7. Java Reflection ● Pros ○ Unlimited Freedom ● Cons ○ Performance Overhead ○ Weak Security Available ○ Unexpected Side-Effect
  • 8. Android Hacking Using Reflection Change SDK Framework Interface into OnDevice Framework Interface 3rd Party Developer Application Built-in Application SDK Framework Interface Built-in Framework Interface Reflection On-Device Framework
  • 9. Android Hacking Using Reflection TelephonyMaanger telephonyManager = (TelephonyManager)getSystemService( Context.TELEPHONY_SERVICE); try { Class c = Class.forName(telephonyManager. getClass().getName()); Method m = c.getDeclaredMethod("getITelephony"); m.setAccessible(true); ITelephony telephony = (ITelephony)m.invoke( telephonyManager); telephony.endCall(); } catch (Throwable e) {}
  • 10. Restriction Of Reflection Using Hack ● Performance Overhead ● May Not Success On Every Machine ○ Manufacturer’s Device Use Modified Android ● May Not Success On Latest Android