Android System Architecture  And  Pen-testing of Android applications
Upcoming SlideShare
Loading in...5
×
 

Android System Architecture And  Pen-testing of Android applications

on

  • 1,168 views

Its about the Android System architecture and pentesting of Android applications(for begining)

Its about the Android System architecture and pentesting of Android applications(for begining)

Statistics

Views

Total Views
1,168
Slideshare-icon Views on SlideShare
1,168
Embed Views
0

Actions

Likes
0
Downloads
80
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Android System Architecture  And  Pen-testing of Android applications Android System Architecture And  Pen-testing of Android applications Presentation Transcript

    • Android System Architecture And Pen-testing of Android applications Yavuz Han
    • What is Android ? • A software platform and operating system for mobile devices • Based on the Linux kernel(Kernel 2.6) • Developed by Google and later Open Handset Aliance(OHA) • Also writing managed code in the Java Language • C/C++ also but not supported
    • Android Architecture
    • Applications • First layer in system architecture • These include the applications shipped with android like the email client, SMS client, maps, browsers and also the applications developed and distributed through the Android market.
    • Application Framework • Second layer in system architecture • These include the programs that manage the basic functions of the phone like resource allocation, voice call management, etc
    • Libraries • The layer above to the Linux kernel is the Android’s native libraries. • These libraries are written in C/C++ languages. • These libraries also run as processes within the underlying Linux kernel. • The libraries are nothing but a set of instructions that tell the device how to handle different kinds of data (e.g. The media libraries support playing or recording various audio/video formats)
    • Some of the key libraries are listed below: • SQLite:This is a lightweight yet powerful relational database engine available for all applications to store data. • Webkit:This is a browser engine providing tools for browsing web pages. • Surface Manager: This is responsible for the graphics on the device screens • OpenGL: Used to render 2D or 3D graphics to the screen
    • Android Runtime • This is located on the same layer as the libraries layer. • It consists of the core JAVA libraries and the Dalvik virtual machine. • The core Java libraries are used for developing Android based applications. • Dalvik VMs help in achieving the following: - better memory management -an application cannot interfere with other applications without permissions - threading support
    • • The diagram below is a pictorial representation of the Android environment. • It can be observed that each Android application runs under a separate virtual instance and each application has a unique user-id assigned to it.
    • Linux Kernel • This is last layer in system architecture • Device drivers, power management, process management and networking services depend on the layer • Android using Linux kernel 2.6 and android developed over time have been harmonized. • Android is not exactly Linux.
    • Penetration testing of Android apps • The applications in Android can be mainly classified into two categories: -Android browser-based applications -Android-based applications (Android application package files – .apk extension files)
    • Android Filesystem Access We want to analyze files within the device,so how do we do this ? ADB (windows,linux,mac)
    • Android FileSystem Access • Android Debug Bridge (adb) command -Access a shell -Pull/push files -Many more
    • Example of ADB
    • Quick look at some apps • We’re going to use Android’s default mail client (Note – this is for a rooted device) •Navigate to the shared_prefs directory of the application
    • Quick look at some apps • •cat (read) the file
    • Data Storage SQLite -Single file relational database -Supportet by Android & iPhone APIs to store Application settings/data
    • • Using the ADB shell, we can browse to the database folder and access the data as shown below:
    • Logging • Applications may leak data through gratuitous logging • In older versions of Android, the browser would log URLs visited -This also logged session Ids for websites that put it in the GET request
    • Viewing Android Logs • We can use ‘adb logcat’ command
    • Android Client Analysis • Android Application Layout -Apps are packaged in an APK file (zip archive) -What is in it ? -Dalvik class files(.dex) -Assets and Resources -Android Manifest.xml -APKs stored at /data/app on a device Can extract this
    • Android Application Layout
    • Android Application Layout
    • Android Manifest.xml • Enumerates permissions • We are most interested in permissions and metadata
    • Analyzing an APK • The files inside an APK are not directly useful -Need to unpack the XML,disassemble the dex class files We are using some tool for reverse engineering Android apk files
    • Decompilation • This way eassier than other ways • You may be familiar with jad or jdgui -Use dex2jar to get a (JVM) jar from an apk *Perform “source review” on decompiled app Does not work for all apks
    • Decompilation
    • Protection • • • • We must treat the mobile device as hostile Don’t store sensitive data unencrypted! Doing encryption well is HARD Best practice: don’t store any sensitive data on device
    • QUESTİONS THANK YOU