Android Pentesting and Malware Analysis

null Hyderabad Chapter January 2013 Meet

Published in: Education

  1. Srinivasa Rao
      • Independent Security Researcher
      • Working for TCS
      • Co-author of the book “HACKING S3CRETS”
  2. What we discuss?
      • Android OS basics
      • Understanding the APK
      • Android architecture
      • Android security model
      • Android rooting
      • A brief look into Android malware
      • Reversing Android malware
      • Pentesting on the Android platform
      • Demos
  3. What is Android?
      • Android is a software stack for mobile devices.
      • The stack consists of an operating system, middleware and key mobile applications.
      • It was initially developed by Android Inc in 2003 and later acquired by Google in 2005.
      • 2007 – OHA (Open Handset Alliance)
      • Largest market share
      • HTC Dream – the first commercially available mobile phone based on the Android operating system.
  4. Why Android?
      • Wherever you go it follows you!! (Tablets, mobile phones, TVs)
      • Open source
      • Anyone can develop apps!
      • No restrictions like the iPhone
      • Runs on the Linux 2.6.x kernel
      • Uses SQLite databases
      • Official market containing over 7,00,000 apps
  5. Understanding the APK
      • Every app has the extension .APK
      • Nothing but a zip file
      • Can be extracted with WinRAR or WinZip.
      • Written in Java, with native libraries in C/C++
      • Composed of components such as activities, services, broadcast receivers etc.
  6. Understanding the APK
  7. Understanding the APK
  8. Components
      • Activity: screen to let users interact – buttons, text view, image view etc.
      • Service: performs the work in the background – playing music
      • Broadcast receiver: receives and responds to broadcast announcements
      • Intents: bind individual components at runtime
      • Content providers: store and retrieve the application data – SQLite databases
  9. Permissions – They Suck!!
      • Declared in AndroidManifest.xml
      • The XML file contains all the components and permissions
      • An app can only use the declared permissions
  10. Permissions
      • ACCESS_COARSE_LOCATION
      • ACCESS_FINE_LOCATION
      • CAMERA
      • CHANGE_WIFI_STATE
      • READ_CALL_LOG
      • CALL_PHONE
      • READ_SMS
      • READ_CONTACTS
  11. Android Security Model (diagram: each application runs under its own UID in its own Dalvik VM)
      • Application 1 – UID: 1000 – Dalvik VM
      • Application 2 – UID: 1001 – Dalvik VM
      • Application 3 – UID: 1002 – Dalvik VM
      • Application 4 – UID: 1003 – Dalvik VM
      • Application 5 – UID: 1004 – Dalvik VM
      • SYSTEM PROCESS (UID: SYSTEM)
      • LINUX KERNEL
  12. Dalvik Virtual Machine
      • Created by Dan Bornstein
      • It’s a virtual system to run Android apps
      • Register based instead of stack based
      • It runs dex (Dalvik Executable) files
  13. Some popular Android malware
      • Geinimi
      • DroidDream
      • Trojan FakePlayer
      • iCalendar
  14. Making the APK
      • .java → .class → .dex → .apk
  15. Reversing the APK
      • .java ← .class ← .dex ← .apk
  16. Reversing tools…
      • Tools used: APKTool, baksmali, dex2jar, JD-GUI
  17. File System Access
      • Android Debug Bridge (adb) command
      • Access a shell.
      • Pull/push files.
      • Many more.
  18. Greetzzzzz
      • cnuhackz@gmail.com
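
Slides 5, 8, 9 and 10 as a static triage step, in an added example that is not part of the original deck: it lists the entries of an APK as a zip archive, then reads a decoded manifest for its declared permissions and components. It assumes the manifest has already been decoded to text XML (for instance with APKTool); the sample archive, manifest and the package `com.example.demo` are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Permissions named on slide 10, flagged here for a reviewer's attention.
SENSITIVE = {"ACCESS_COARSE_LOCATION", "ACCESS_FINE_LOCATION", "CAMERA",
             "CHANGE_WIFI_STATE", "READ_CALL_LOG", "CALL_PHONE",
             "READ_SMS", "READ_CONTACTS"}
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample: decoded (text) manifest of a hypothetical app.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.demo">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <application>
    <activity android:name=".MainActivity"/>
    <service android:name=".SyncService"/>
    <receiver android:name=".BootReceiver"/>
  </application>
</manifest>"""

def build_sample_apk():
    """Constructed stand-in for an APK: a zip with the usual top-level entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        # In a real APK the manifest is binary XML; placeholder bytes here.
        z.writestr("AndroidManifest.xml", b"\x03\x00\x08\x00")
        z.writestr("classes.dex", b"dex\n035\x00")
    return buf.getvalue()

def list_apk_entries(apk_bytes):
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        return sorted(z.namelist())

def triage_manifest(xml_text):
    # Samples under analysis are untrusted input: refuse DTDs/entity tricks.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("manifest contains a DTD; refusing to parse")
    root = ET.fromstring(xml_text)
    perms = [e.get(ANDROID_NS + "name", "").rsplit(".", 1)[-1]
             for e in root.iter("uses-permission")]
    comps = {tag: [e.get(ANDROID_NS + "name") for e in root.iter(tag)]
             for tag in COMPONENT_TAGS}
    return {"package": root.get("package"), "permissions": perms,
            "flagged": sorted(p for p in perms if p in SENSITIVE),
            "components": comps}
```
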