
Advanced Android penetration testing


Description of smali debugging and Frida, and how to use both to bypass Android application client-side validation.

Published in: Mobile

  1. Advanced Android Penetration Testing Techniques - Sanjay Gondaliya
  2. #Whoami
     • 6+ years of experience in information technology
     • Security consultant at NotSoSecure, developer
  3. Agenda
     • What is static analysis?
     • How to do static analysis?
     • Extra layer security bypass techniques
     • Smali debugging
     • Frida - dynamic instrumentation framework
  4. Android Manifest checks
     • Exported activities, content providers, broadcast receivers, services
     • debuggable flag is true (debuggable="true")
     • backup flag is true (allowBackup="true")
     • Sensitive information in application source code (encryption keys, API keys, credentials)
  5. Static Analysis
     • Sensitive information in logs, using the Logcat tool
     • Sensitive information in memory (DDMS, Frida)
     • Sensitive information in application local storage (SharedPreferences XML, SQLite database, etc.)
  6. Common Tools Used
     • MobSF
     • drozer
     • Inspeckage
     • Xposed framework
     • SSLUnpinning
  7. Extra layer of security
     • Root detection
     • Xposed framework detection
     • SSL pinning
     • Source code obfuscation
     • Integrity checks
     • Hashing/encryption in request/response
  8. Smali debugging
     • Powerful technique to bypass client-side checks
     • Tools
       • Android Studio
       • smalidea Android Studio plugin
       • Android emulator / mobile device
     • Knowledge of the Java programming language
     • Demo
  9. Frida
     • A dynamic instrumentation framework
     • Allows us to write custom scripts
     • Languages supported
       • JavaScript
       • Python
       • C
       • etc.
     • Used to hijack function calls
     • More about Frida: https://www.frida.re/docs/android/
     • Demo
  10. Fridump
     • Open source memory dumping tool
     • Primarily aimed at penetration testers and developers
     • It can be used from
       • Windows
       • Linux
       • Mac OS X
     • To dump the memory of
       • iOS
       • Android
       • Windows applications
     • Demo
  11. References
     • https://slides.com/jaimingohel/android
     • https://www.frida.re/docs/android/
     • https://crosp.net/blog/software-development/mobile/android/android-reverse-engineering-debugging-smali-using-smalidea/
     • https://www.youtube.com/watch?v=6nrWfFhyva0&feature=youtu.be
     • https://www.youtube.com/watch?v=pn_CgHbl00E
     • https://bitbucket.org/iBotPeaches/apktool/downloads/
     • http://jd.benow.ca/
     • https://sourceforge.net/projects/dex2jar/files/latest/download
  12. Thank You!!
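
The manifest checks listed on slide 4 (exported components, debuggable="true", allowBackup="true") can be automated against a decoded AndroidManifest.xml, for instance one produced by apktool from the references. The following is an added example, not part of the original slides; the function names and the sample manifest are constructed for illustration. It assumes a missing android:allowBackup counts as true (the platform default) and that a component with an intent-filter and no android:exported attribute is treated as exported.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample manifest in decoded text form (not from any real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.constructed">
  <application android:debuggable="true" android:allowBackup="true">
    <activity android:name=".MainActivity" android:exported="true"/>
    <activity android:name=".SettingsActivity" android:exported="false"/>
    <service android:name=".SyncService">
      <intent-filter><action android:name="com.example.constructed.SYNC"/></intent-filter>
    </service>
    <receiver android:name=".BootReceiver" android:exported="true"
              android:permission="com.example.constructed.PRIVATE"/>
  </application>
</manifest>"""

def attr(elem, name, default=None):
    """Read an android:-namespaced attribute from an element."""
    return elem.get("{%s}%s" % (ANDROID_NS, name), default)

def audit_manifest(xml_text):
    """Return (check, component, detail) findings for a decoded manifest."""
    app = ET.fromstring(xml_text).find("application")
    findings = []
    if app is None:
        return findings
    if attr(app, "debuggable", "false") == "true":
        findings.append(("debuggable", "application", 'debuggable="true"'))
    # Assumption: an absent allowBackup attribute means backups are enabled.
    if attr(app, "allowBackup", "true") == "true":
        findings.append(("allowBackup", "application", "backup enabled"))
    for comp in app:
        if comp.tag not in COMPONENTS:
            continue
        exported = attr(comp, "exported")
        implicit = exported is None and comp.find("intent-filter") is not None
        # Report the guarding permission so reviewers can triage each entry.
        if exported == "true" or implicit:
            how = "implicit via intent-filter" if implicit else "explicit"
            guard = attr(comp, "permission") or "none"
            findings.append(("exported", attr(comp, "name", "?"), f"{comp.tag}, {how}, permission: {guard}"))
    return findings

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST):
        print(*finding, sep=" | ")
```

An exported launcher activity is expected; the entries worth reviewing are exported components with no permission and any release build that still reports debuggable or backup enabled.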
