• Like
Android System Architecture  And  Pen-testing of Android applications
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Android System Architecture And  Pen-testing of Android applications

  • 1,315 views
Published

Its about the Android System architecture and pentesting of Android applications(for begining)

Its about the Android System architecture and pentesting of Android applications(for begining)

Published in Education , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
1,315
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
110
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Android System Architecture And Pen-testing of Android applications Yavuz Han
  • 2. What is Android ? • A software platform and operating system for mobile devices • Based on the Linux kernel(Kernel 2.6) • Developed by Google and later Open Handset Aliance(OHA) • Also writing managed code in the Java Language • C/C++ also but not supported
  • 3. Android Architecture
  • 4. Applications • First layer in system architecture • These include the applications shipped with android like the email client, SMS client, maps, browsers and also the applications developed and distributed through the Android market.
  • 5. Application Framework • Second layer in system architecture • These include the programs that manage the basic functions of the phone like resource allocation, voice call management, etc
  • 6. Libraries • The layer above to the Linux kernel is the Android’s native libraries. • These libraries are written in C/C++ languages. • These libraries also run as processes within the underlying Linux kernel. • The libraries are nothing but a set of instructions that tell the device how to handle different kinds of data (e.g. The media libraries support playing or recording various audio/video formats)
  • 7. Some of the key libraries are listed below: • SQLite:This is a lightweight yet powerful relational database engine available for all applications to store data. • Webkit:This is a browser engine providing tools for browsing web pages. • Surface Manager: This is responsible for the graphics on the device screens • OpenGL: Used to render 2D or 3D graphics to the screen
  • 8. Android Runtime • This is located on the same layer as the libraries layer. • It consists of the core JAVA libraries and the Dalvik virtual machine. • The core Java libraries are used for developing Android based applications. • Dalvik VMs help in achieving the following: - better memory management -an application cannot interfere with other applications without permissions - threading support
  • 9. • The diagram below is a pictorial representation of the Android environment. • It can be observed that each Android application runs under a separate virtual instance and each application has a unique user-id assigned to it.
  • 10. Linux Kernel • This is last layer in system architecture • Device drivers, power management, process management and networking services depend on the layer • Android using Linux kernel 2.6 and android developed over time have been harmonized. • Android is not exactly Linux.
  • 11. Penetration testing of Android apps • The applications in Android can be mainly classified into two categories: -Android browser-based applications -Android-based applications (Android application package files – .apk extension files)
  • 12. Android Filesystem Access We want to analyze files within the device,so how do we do this ? ADB (windows,linux,mac)
  • 13. Android FileSystem Access • Android Debug Bridge (adb) command -Access a shell -Pull/push files -Many more
  • 14. Example of ADB
  • 15. Quick look at some apps • We’re going to use Android’s default mail client (Note – this is for a rooted device) •Navigate to the shared_prefs directory of the application
  • 16. Quick look at some apps • •cat (read) the file
  • 17. Data Storage SQLite -Single file relational database -Supportet by Android & iPhone APIs to store Application settings/data
  • 18. • Using the ADB shell, we can browse to the database folder and access the data as shown below:
  • 19. Logging • Applications may leak data through gratuitous logging • In older versions of Android, the browser would log URLs visited -This also logged session Ids for websites that put it in the GET request
  • 20. Viewing Android Logs • We can use ‘adb logcat’ command
  • 21. Android Client Analysis • Android Application Layout -Apps are packaged in an APK file (zip archive) -What is in it ? -Dalvik class files(.dex) -Assets and Resources -Android Manifest.xml -APKs stored at /data/app on a device Can extract this
  • 22. Android Application Layout
  • 23. Android Application Layout
  • 24. Android Manifest.xml • Enumerates permissions • We are most interested in permissions and metadata
  • 25. Analyzing an APK • The files inside an APK are not directly useful -Need to unpack the XML,disassemble the dex class files We are using some tool for reverse engineering Android apk files
  • 26. Decompilation • This way eassier than other ways • You may be familiar with jad or jdgui -Use dex2jar to get a (JVM) jar from an apk *Perform “source review” on decompiled app Does not work for all apks
  • 27. Decompilation
  • 28. Protection • • • • We must treat the mobile device as hostile Don’t store sensitive data unencrypted! Doing encryption well is HARD Best practice: don’t store any sensitive data on device
  • 29. QUESTİONS THANK YOU