• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
The real incident of stealing a droid app+data
 

The real incident of stealing a droid app+data

on

  • 1,438 views

This is a beginner level talk/lecture about how we managed to steal data, bypass security controls and steal the source code of an Android application which was supposed to be secure. ...

This is a beginner level talk/lecture about how we managed to steal data, bypass security controls and steal the source code of an Android application which was supposed to be secure.

Technically what we managed to do isn't ground breaking, but due to a combination of reasons we were able to radically change the security of the Android app for the better.

Statistics

Views

Total Views
1,438
Views on SlideShare
953
Embed Views
485

Actions

Likes
0
Downloads
7
Comments
0

6 Embeds 485

http://funnel.hasgeek.com 394
https://hasgeek.tv 46
http://hasgeek.tv 36
https://funnel.hasgeek.com 7
https://si0.twimg.com 1
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

CC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    The real incident of stealing a droid app+data The real incident of stealing a droid app+data Presentation Transcript

    • The Real Incident of Stealinga Droid App & DataAkash Mahajan and Ankur Bhargava @ DroidCon Bangalore 2012
    • What we stole The Android Application Package File All the encrypted files found in the external storage© Akash Mahajan DroidCon Bangalore 2012 2
    • Not only we successfully the app + data we it on another device which was rooted© Akash Mahajan DroidCon Bangalore 2012 3
    • Them devs made it more secure? A device ID check was added We reversed the applications added our device ID and compiled it again. Able to execute again, yay!© Akash Mahajan DroidCon Bangalore 2012 4
    • THE DROID JOBA standard Chinese made Tabletrunning Android 4.0 (Indian Brand)The application contained encrypteddata along with other resources. © Akash Mahajan DroidCon Bangalore 2012 5
    • We had written permission to steal!© Akash Mahajan DroidCon Bangalore 2012 6
    • All your data are belong to usAll the encrypted data was with usWe didn’t have the encryption keyBut we had the device with the key ininternal storage © Akash Mahajan DroidCon Bangalore 2012 7
    • GONE IN 300 SECONDSAndroid Backup API using Android DebugBridge because we had the package name.ADB pull command, YAY!> adb pull <remote> <local> © Akash Mahajan DroidCon Bangalore 2012 8
    • DISCLAIMER It is not Rocket Science Simple common security testing© Akash Mahajan DroidCon Bangalore 2012 9
    • The Simple HackWe knew find an exploit to root the devicemight take some time and skillApplication written for the same version ofAndroid will run in all devices © Akash Mahajan DroidCon Bangalore 2012 10
    • If the device having the application can’t be rooted, let us take the application to the rooted device.© Akash Mahajan DroidCon Bangalore 2012 11
    • The Simple HackOnce copied to the rooted device we could seewhat the application was doing using DDMS.Dalvik Debug Monitor Server provides amongother things process information about appsrunning on a device connected in USB debugmode. © Akash Mahajan DroidCon Bangalore 2012 12
    • The key to everythingIn this particular case, the encryption key wasrequired to decrypt the data.We didn’t have file permissions to reach the key.We decided not to go after the key. We weren’tbeing paid enough for that. © Akash Mahajan DroidCon Bangalore 2012 13
    • The Encryption ConundrumIf you give away your device, the only way youcan ensure safety of the data is by ensuring thatthe symmetric encryption key isn’t stolen.At any given point depending on the applicationthe key might be available in memory, tempfile/storage or on the chip itself. © Akash Mahajan DroidCon Bangalore 2012 14
    • The Encryption ConundrumBut because the device is with the thieves, theyhave all the time in the world to find it.If nothing works, they can always break openthe device and steal the key from the storage. © Akash Mahajan DroidCon Bangalore 2012 15
    • FREE CONSULTING /ChecklistDisable USB debugging portDisable USB itselfDon’t give internet access in the device.Obfuscate the source code.Provide a unique key for each device.© Akash Mahajan DroidCon Bangalore 2012 16
    • SUCCESS KIDZClient felt assured about their device securityDev had a more secure solutionWe get to pretend that we are Android securityexperts. We are not, just love the challenge.© Akash Mahajan DroidCon Bangalore 2012 17
    • WANTED DROID CHORS @ankurbhargava87 @makash© Akash Mahajan DroidCon Bangalore 2012 18