Advertisement

Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps

DefconRussia
Nov. 19, 2013
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps
Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps

Check these out next

Oleh Shpyrna "Security Testing Basics: Check your Webapp for gaps before l_unch"
Oleh Shpyrna "Security Testing Basics: Check your Webapp for gaps before l_unch"
Dakiry
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
Ajin Abraham
Red Team vs. Blue Team on AWS
Red Team vs. Blue Team on AWS
Priyanka Aash
Threat Intelligence Field of Dreams
Threat Intelligence Field of Dreams
Greg Foss
Opencart security testing
Opencart security testing
vikram vashisth
Security War Games
Security War Games
SeniorStoryteller
Creating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
Raffael Marty
Static Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and You
Kevin Fealey
1 of 34

Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps

Nov. 19, 2013
Download to read offline
Technology
Business
DefconRussia
Advertisement
Advertisement
Advertisement

Recommended

Owasp for testing_mobile_apps_opdOwasp for testing_mobile_apps_opd
Owasp for testing_mobile_apps_opdPawel Rzepa416 views31 slides
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesOWASP Delhi648 views17 slides
ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...
ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...Mauricio Velazco160 views6 slides
Feeding the Virtual Patch PipelineFeeding the Virtual Patch Pipeline
Feeding the Virtual Patch PipelineDevOps.com115 views18 slides
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with SplunkSplunk4.2K views112 slides
Purple is the New Black: Modern Approaches for Application SecurityPurple is the New Black: Modern Approaches for Application Security
Purple is the New Black: Modern Approaches for Application SecurityTanya Janca220 views64 slides

More Related Content

Slideshows for you(19)

Oleh Shpyrna "Security Testing Basics: Check your Webapp for gaps before l_unch"Oleh Shpyrna "Security Testing Basics: Check your Webapp for gaps before l_unch"
Oleh Shpyrna "Security Testing Basics: Check your Webapp for gaps before l_unch"
Dakiry168 views
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSFAppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
AppSec EU 2016: Automated Mobile Application Security Assessment with MobSF
Ajin Abraham22.6K views
Red Team vs. Blue Team on AWSRed Team vs. Blue Team on AWS
Red Team vs. Blue Team on AWS
Priyanka Aash2.2K views
Threat Intelligence Field of DreamsThreat Intelligence Field of Dreams
Threat Intelligence Field of Dreams
Greg Foss1.2K views
Opencart security testing Opencart security testing
Opencart security testing
vikram vashisth220 views
Security War GamesSecurity War Games
Security War Games
SeniorStoryteller1.2K views
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
Raffael Marty24.9K views
Static Analysis Security Testing for Dummies... and YouStatic Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and You
Kevin Fealey3.5K views
Red team-view-gaps-in-the-serverless-application-attack-surfaceRed team-view-gaps-in-the-serverless-application-attack-surface
Red team-view-gaps-in-the-serverless-application-attack-surface
Priyanka Aash1.5K views
Rugged DevOps at Scale with Rich MogullRugged DevOps at Scale with Rich Mogull
Rugged DevOps at Scale with Rich Mogull
SeniorStoryteller1.3K views
MITRE ATTACKcon Power Hour - OctoberMITRE ATTACKcon Power Hour - October
MITRE ATTACKcon Power Hour - October
MITRE - ATT&CKcon3.2K views
ChaoSlingr: Introducing Security-Based Chaos TestingChaoSlingr: Introducing Security-Based Chaos Testing
ChaoSlingr: Introducing Security-Based Chaos Testing
Priyanka Aash309 views
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
Splunk3K views
Splunk Enterprise for Information Security Hands-On Breakout SessionSplunk Enterprise for Information Security Hands-On Breakout Session
Splunk Enterprise for Information Security Hands-On Breakout Session
Splunk1.2K views
Stephen Sadowski - Securely automating infrastructure in the cloudStephen Sadowski - Securely automating infrastructure in the cloud
Stephen Sadowski - Securely automating infrastructure in the cloud
DevSecCon326 views
Basics of Meterpreter EvasionBasics of Meterpreter Evasion
Basics of Meterpreter Evasion
Nipun Jaswal718 views
TakeDownCon Rocket City: Cyber Security via Technology Fails by Jeremy ConwayTakeDownCon Rocket City: Cyber Security via Technology Fails by Jeremy Conway
TakeDownCon Rocket City: Cyber Security via Technology Fails by Jeremy Conway
EC-Council554 views
Enabling effective hunt teaming and incident responseEnabling effective hunt teaming and incident response
Enabling effective hunt teaming and incident response
jeffmcjunkin791 views
Threat Hunting with Splunk Threat Hunting with Splunk
Threat Hunting with Splunk
Splunk1.4K views

Similar to Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps(20)

BSidesLV 2016: Don't Repeat Yourself - Automating Malware Incident Response f...BSidesLV 2016: Don't Repeat Yourself - Automating Malware Incident Response f...
BSidesLV 2016: Don't Repeat Yourself - Automating Malware Incident Response f...
Jakub "Kuba" Sendor21 views
Top OSS for Mobile AppSec Testing: The Latest on R2 and FRIDATop OSS for Mobile AppSec Testing: The Latest on R2 and FRIDA
Top OSS for Mobile AppSec Testing: The Latest on R2 and FRIDA
NowSecure1K views
Login cat tekmonks - v3Login cat tekmonks - v3
Login cat tekmonks - v3
TEKMONKS171 views
Owasp Mobile Top 10 - M7 & M8Owasp Mobile Top 10 - M7 & M8
Owasp Mobile Top 10 - M7 & M8
5h1vang1K views
Login cat tekmonks - v5 (mini)Login cat tekmonks - v5 (mini)
Login cat tekmonks - v5 (mini)
Rohit Kapoor227 views
LoginCat - Mini PresentationLoginCat - Mini Presentation
LoginCat - Mini Presentation
Rohit Kapoor127 views
Penetration testing as an internal audit activityPenetration testing as an internal audit activity
Penetration testing as an internal audit activity
Transcendent Group2.1K views
Securing RailsSecuring Rails
Securing Rails
Alex Payne1.4K views
LoginCat from TekMonksLoginCat from TekMonks
LoginCat from TekMonks
Rohit Kapoor222 views
Can I Play with Madness?!?Can I Play with Madness?!?
Can I Play with Madness?!?
ElevenPaths1.3K views
Give Me Three Things: Anti-Virus Bypass Made EasyGive Me Three Things: Anti-Virus Bypass Made Easy
Give Me Three Things: Anti-Virus Bypass Made Easy
Security Weekly3.7K views
Getting started with hacking android & i os apps tools, techniques and re...Getting started with hacking android & i os apps tools, techniques and re...
Getting started with hacking android & i os apps tools, techniques and re...
n|u - The Open Security Community85 views
Faster Secure Software Development with Continuous Deployment - PH Days 2013Faster Secure Software Development with Continuous Deployment - PH Days 2013
Faster Secure Software Development with Continuous Deployment - PH Days 2013
Nick Galbreath1.4K views
Login cat tekmonks - v4Login cat tekmonks - v4
Login cat tekmonks - v4
TEKMONKS116 views
Login cat tekmonks - v4Login cat tekmonks - v4
Login cat tekmonks - v4
Rohit Kapoor439 views
vodQA(Pune) 2018 - QAing the security wayvodQA(Pune) 2018 - QAing the security way
vodQA(Pune) 2018 - QAing the security way
vodQA172 views
QAing the security way!QAing the security way!
QAing the security way!
Amit Gundiyal221 views
451 and Cylance - The Roadmap To Better Endpoint Security451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint Security
Adrian Sanabria544 views
Smart Cards & Devices Forum 2012 - Smart Phones SecuritySmart Cards & Devices Forum 2012 - Smart Phones Security
Smart Cards & Devices Forum 2012 - Smart Phones Security
OKsystem628 views
The hardcore stuff i hack, experiences from past VAPT assignmentsThe hardcore stuff i hack, experiences from past VAPT assignments
The hardcore stuff i hack, experiences from past VAPT assignments
n|u - The Open Security Community1.4K views
Advertisement

More from DefconRussia(20)

[Defcon Russia #29] Борис Савков - Bare-metal programming на примере Raspber...[Defcon Russia #29] Борис Савков - Bare-metal programming на примере Raspber...
[Defcon Russia #29] Борис Савков - Bare-metal programming на примере Raspber...
DefconRussia1.1K views
[Defcon Russia #29] Александр Ермолов - Safeguarding rootkits: Intel Boot Gua...[Defcon Russia #29] Александр Ермолов - Safeguarding rootkits: Intel Boot Gua...
[Defcon Russia #29] Александр Ермолов - Safeguarding rootkits: Intel Boot Gua...
DefconRussia1.1K views
[Defcon Russia #29] Алексей Тюрин - Spring autobinding[Defcon Russia #29] Алексей Тюрин - Spring autobinding
[Defcon Russia #29] Алексей Тюрин - Spring autobinding
DefconRussia782 views
[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/Linux[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/Linux
[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/Linux
DefconRussia709 views
Георгий Зайцев - Reversing golangГеоргий Зайцев - Reversing golang
Георгий Зайцев - Reversing golang
DefconRussia2.3K views
[DCG 25] Александр Большев - Never Trust Your Inputs or How To Fool an ADC [DCG 25] Александр Большев - Never Trust Your Inputs or How To Fool an ADC
[DCG 25] Александр Большев - Never Trust Your Inputs or How To Fool an ADC
DefconRussia1.4K views
Cisco IOS shellcode: All-in-oneCisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-one
DefconRussia58.5K views
Олег Купреев - Обзор и демонстрация нюансов и трюков из области беспроводных ...Олег Купреев - Обзор и демонстрация нюансов и трюков из области беспроводных ...
Олег Купреев - Обзор и демонстрация нюансов и трюков из области беспроводных ...
DefconRussia3.1K views
HTTP HOST header attacksHTTP HOST header attacks
HTTP HOST header attacks
DefconRussia18.5K views
Attacks on tacacs - Алексей ТюринAttacks on tacacs - Алексей Тюрин
Attacks on tacacs - Алексей Тюрин
DefconRussia1.4K views
Weakpass - defcon russia 23Weakpass - defcon russia 23
Weakpass - defcon russia 23
DefconRussia9.1K views
nosymbols - defcon russia 20nosymbols - defcon russia 20
nosymbols - defcon russia 20
DefconRussia1.2K views
static - defcon russia 20static - defcon russia 20
static - defcon russia 20
DefconRussia1.2K views
Zn task - defcon russia 20Zn task - defcon russia 20
Zn task - defcon russia 20
DefconRussia828 views
Vm ware fuzzing - defcon russia 20Vm ware fuzzing - defcon russia 20
Vm ware fuzzing - defcon russia 20
DefconRussia2.8K views
Nedospasov defcon russia 23Nedospasov defcon russia 23
Nedospasov defcon russia 23
DefconRussia1K views
Advanced cfg bypass on adobe flash player 18 defcon russia 23Advanced cfg bypass on adobe flash player 18 defcon russia 23
Advanced cfg bypass on adobe flash player 18 defcon russia 23
DefconRussia6.2K views
Miasm defcon russia 23Miasm defcon russia 23
Miasm defcon russia 23
DefconRussia1K views
Andrey Belenko, Alexey Troshichev - Внутреннее устройство и безопасность iClo...Andrey Belenko, Alexey Troshichev - Внутреннее устройство и безопасность iClo...
Andrey Belenko, Alexey Troshichev - Внутреннее устройство и безопасность iClo...
DefconRussia1.2K views
Sergey Belov - Покажите нам Impact! Доказываем угрозу в сложных условияхSergey Belov - Покажите нам Impact! Доказываем угрозу в сложных условиях
Sergey Belov - Покажите нам Impact! Доказываем угрозу в сложных условиях
DefconRussia1.4K views

Recently uploaded(20)

A comprehensive guide to prompt engineering.pdfA comprehensive guide to prompt engineering.pdf
A comprehensive guide to prompt engineering.pdf
AnastasiaSteele100 views
Digital Forencis.pdfDigital Forencis.pdf
Digital Forencis.pdf
HridhayBharti20 views
Advanced TestingAdvanced Testing
Advanced Testing
Postman0 views
Automate the Oracle Cloud Applications.pdfAutomate the Oracle Cloud Applications.pdf
Automate the Oracle Cloud Applications.pdf
RohitBhandari660 views
Ericsson LTE Commands.pdfEricsson LTE Commands.pdf
Ericsson LTE Commands.pdf
MbBot0 views
SYN: Ultra-Scale
Software Evolution Comprehension [ICPC 2023]SYN: Ultra-Scale
Software Evolution Comprehension [ICPC 2023]
SYN: Ultra-Scale
Software Evolution Comprehension [ICPC 2023]
Roberto Minelli0 views
Secure all things with CBSecurity 3Secure all things with CBSecurity 3
Secure all things with CBSecurity 3
Ortus Solutions, Corp0 views
End to End Process Transformation with Signavio.pdfEnd to End Process Transformation with Signavio.pdf
End to End Process Transformation with Signavio.pdf
IgnacioPeredoCL0 views
Migrating to the Cloud - From Preparation to Operation copy.pdfMigrating to the Cloud - From Preparation to Operation copy.pdf
Migrating to the Cloud - From Preparation to Operation copy.pdf
Symptai Consulting Limited0 views
Web3 vs metaverse.pdfWeb3 vs metaverse.pdf
Web3 vs metaverse.pdf
TarunTiwari940 views
WordPress Coding StandardsWordPress Coding Standards
WordPress Coding Standards
Jonathan Bossenger0 views
REPORT: Heating appliances market in Poland 2022REPORT: Heating appliances market in Poland 2022
REPORT: Heating appliances market in Poland 2022
SPIUG0 views
State Of GPTState Of GPT
State Of GPT
ssuser6f266e0 views
KMM - Kanban Maturity ModelKMM - Kanban Maturity Model
KMM - Kanban Maturity Model
Adail Viana Neto0 views
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
TrustArc0 views
Transforming Math Education: Harnessing the Power of Innovative Math Learning...Transforming Math Education: Harnessing the Power of Innovative Math Learning...
Transforming Math Education: Harnessing the Power of Innovative Math Learning...
RobertWalsh1040 views
Behind the scenes of our everyday Internet: the role of an IXP like MIXBehind the scenes of our everyday Internet: the role of an IXP like MIX
Behind the scenes of our everyday Internet: the role of an IXP like MIX
Speck&Tech0 views
Web Performance OptimizationWeb Performance Optimization
Web Performance Optimization
Livares Technologies Pvt Ltd0 views
kamil.pdfkamil.pdf
kamil.pdf
AzeemAslam110 views
MINOR PROJECT.pptxMINOR PROJECT.pptx
MINOR PROJECT.pptx
YashikaSengar20 views
Advertisement

Alexey Troshichev - Strike to the infrastructure a story about analyzing thousands mobile apps

  1. Avalanche Disclosure Story about static analysis of 15k mobile Apps
  2. Who am I? • Work hard on defense • Have fun in offensive • Break things Alexey Troshichev @pl0lq pl0lq@hackapp.com #ZeroNights2013 hackapp.com 2
  3. What’s wrong with an App ? Insecure transfer Injections Insecure storage Architecture flaws Mobile OWASP for bla-bla-bla … #ZeroNights2013 hackapp.com 3
  4. Common Attacks #ZeroNights2013 hackapp.com 4
  5. On-device analysis ? Unlock Device Remove DRM Setup research environment Dynamic analysis Time & Brains #ZeroNights2013 hackapp.com 5
  6. App is dangerous for user, but what’s about vendor ? Why should we waste time attacking one user, when we can just break into backend to get them all ? Why always just binary file? #ZeroNights2013 hackapp.com 6
  7. What App can tell us? Testing environment disclosure Third party services authentication data Built-in accounts Something you can’t even imagine =) #ZeroNights2013 hackapp.com 7
  8. Why it’s interesting? Installation is not important Finally, we are just searching strings… …and it could be automated =) #ZeroNights2013 hackapp.com 8
  9. Let’s build a Grinder ! #ZeroNights2013 hackapp.com 9
  10. AWK, STRINGS, GREP ? Not suitable for binary containers Too many garbage #ZeroNights2013 hackapp.com 10
  11. “Typical” Application DRM #ZeroNights2013 hackapp.com 11
  12. Actual Application #ZeroNights2013 hackapp.com 12
  13. Steps Containers recursive traversal “Unusual” files search Selective GREP Structure validation #ZeroNights2013 hackapp.com 13
  14. Let’s take ~15k iOS Apps from iTunes Finance section… …I like Finance #ZeroNights2013 hackapp.com 14
  15. What’s inside ? 224061 files of 1396 types #ZeroNights2013 hackapp.com 15
  16. Low hanging fruits 94452 files = 42% of whole #ZeroNights2013 hackapp.com 16
  17. Shared authentication #ZeroNights2013 hackapp.com 17
  18. “Secure” communication #ZeroNights2013 hackapp.com 18
  19. Third party services #ZeroNights2013 hackapp.com 19
  20. Third party services #ZeroNights2013 hackapp.com 20
  21. Access to user data AWS-secret:eyH0aw7IW7wdL8z2eSyK/A8q7rIF7uEMVpvQkbwC You “publish” your contacts and photos by installing the app… =( #ZeroNights2013 hackapp.com 21
  22. Not identified • • • • • • • • • • • • • • RSA private key:MIICeQIBADANBgkqhkiG9w6xmHVejkTokPs68ow== secret:164AC36F64FCC2D5 secret:33728B17A93A4A92 secret:4711429DAE3C6F7C secret:62ebd594bc903feeea5ee459715e08fa secret:6508E621E259AC4A secret:697E46CE13AA557B secret:76a863da0821f58ecb13e31cb761c573 secret:a7df64e1d5a33a93c12b06fa0f8c6f47 secret_android:2859389F73072C90 secret_android:3D05E67E03216A9B secret_android:66549A9BB401AF56 secret_android:678649CED531B8E8 secret_android:745A209380630940 (and more, and more, and more…) #ZeroNights2013 hackapp.com 22
  23. 4% Apps released with hardcoded credentials #ZeroNights2013 hackapp.com 23
  24. DEV Environment svn://mokah.siab01.com/ https://test.freerange360.com/ http://test.mmf.berlingskemedia.net http://test.informatel.com http://test.improveagency.com http://test.appswiz.com https://test.freerange360. https://dev.magtab.com:8888 http://dev.touchpublisher.com http://dev.pressrun.com/ http://dev.openstreetmap.de/ http://dev.aleph-labs.com (and more, and more… ) #ZeroNights2013 hackapp.com 24
  25. Mad Stuff #ZeroNights2013 hackapp.com 25
  26. Shocking configs SMS gateway OpenVpn config #ZeroNights2013 hackapp.com 26
  27. Unpredictable #ZeroNights2013 hackapp.com 27
  28. Developers Certificates P12 containers, most are encrypted, but.. #ZeroNights2013 hackapp.com 28
  29. HAVE NO TIME TO EXPLAIN #ZeroNights2013 hackapp.com 29
  30. Is there an App for that? http://hackapp.com/ #ZeroNights2013 hackapp.com 30
  31. Dashboard #ZeroNights2013 hackapp.com 31
  32. Report #ZeroNights2013 hackapp.com 32
  33. Details #ZeroNights2013 hackapp.com 33
  34. Questions ? URL: Twitter: Mail: #ZeroNights2013 http://hackapp.com/ @hackapp info@hackapp.com hackapp.com 34
Advertisement