These slides were presented at GDG MeetUp in Bangalore which was held on 21st September 2013. Uploading the slides to help the people who wanted the slide Deck
This talk is going to give an overview of Android operating system and it´s apps ecosystem from the security point of view of a penetration tester.
So lets dive into topics like Pentest Environment Setup, Tools of the Trade, App Analysis and some security hints for Android developers.
Android Application Penetration Testing - Mohammed AdamMohammed Adam
Android Penetration Testing is a process of testing and finding security issues in an android application. It involves decompiling, real-time analyzing and testing android application for security point of view. This Slides covers real-time testing of android applications and some security issues like insecure logging, leaking content providers, insecure data storage and access control issues.
This talk is going to give an overview of Android operating system and it´s apps ecosystem from the security point of view of a penetration tester.
So lets dive into topics like Pentest Environment Setup, Tools of the Trade, App Analysis and some security hints for Android developers.
Android Application Penetration Testing - Mohammed AdamMohammed Adam
Android Penetration Testing is a process of testing and finding security issues in an android application. It involves decompiling, real-time analyzing and testing android application for security point of view. This Slides covers real-time testing of android applications and some security issues like insecure logging, leaking content providers, insecure data storage and access control issues.
Presented by Spv Reddy from National Cyber Safety and Security Standards on Mobile Application Security Testing in OWSAP Hyderabad in February.
AGENDA:
1.Why Mobile Applications are more Vulnerable?
2.Types of Mobile Applications
3.Android Architecture
4.Introduction to Mobile Application Security Testing
Information Gathering
Static Code Analysis
Introduction and Process in Static Analysis
Setting Up Lab and Tools Used
Mobile Security Framework (Demo)
Analyzing App1
Analyzing App2
Comparison of issues in 10 Mobile Apps
Working with jadx,dex2jar , jd-gui, Decompiler( (Demo)
Dynamic Code Analysis
Setting Up Lab and Tools Used
Introduction to adb and commands used in it
Comparison of issues in 10 Mobile Apps
Diva Challenges(7 Demonstration and 6 POC)
Dynamic Analysis App1(WhatsApp)
Dynamic Analysis App2(Mobile Wallet)
Dynamic Analysis App3(Woo App)
Dynamic Analysis App4(Hacking Game Manually)
Dynamic Analysis App5(Hacking Game with Tools)
Mobile Forensics
The presentation focus on some known and unknown methods of android pentetration testing. I have taken help from many resources which I have mentioned in PPT.
This slide deck covers the automated & manual static code discovery of Android Application using opensource tools, Reverse engineering of apk file and Secure code review
The fundamentals of Android and iOS app securityNowSecure
Looking for a high-intensity bootcamp covering the basics of secure mobile development? This slideshare was originally presented by mobile security expert and NowSecure CEO Andrew Hoog for a 60-minute workshop at Security by Design covering the following topics:
+ Introduction to identifying security flaws in mobile apps (and how to avoid them)
+ Examples of secure and insecure mobile apps and how to secure them
+ Overview of secure mobile development based on the NowSecure Secure Mobile Development Best Practices
With the big delays in the time it takes until an iOS jailbreak is public and stable, it is often not possible to test mobile apps in the latest iOS version. Occasionally customers might also provide builds that only work in iOS versions for which no jailbreak is available. On Android the situation is better, but there can also be problems to root certain phone models. These trends make security testing of mobile apps difficult. This talk will cover approaches to defeat common security mechanisms that must be bypassed in the absence of root/jailbreak.
I attended the Android Penetration testing session organized by Null Bangalore. It was an AWESOME session by Ashish and everyone enjoyed it. This is the first time the Humla session was organized at Flipkart and it was beautiful venue. As I was sure that I may forget it later, I documented the entire session so that it will help me to revise it later as well. I have tried to make it as comprehensive as possible which gives you precise step by step instructions. It also covers most of the errors and solutions
we all faced during the session. This will help all of us to revise whatever we were taught in the Humla Session. It covers everything except the challenges. I am sure once you go through this document it will help you and others as well who were not able to attend.
Cheers !!!
Presented by Spv Reddy from National Cyber Safety and Security Standards on Mobile Application Security Testing in OWSAP Hyderabad in February.
AGENDA:
1.Why Mobile Applications are more Vulnerable?
2.Types of Mobile Applications
3.Android Architecture
4.Introduction to Mobile Application Security Testing
Information Gathering
Static Code Analysis
Introduction and Process in Static Analysis
Setting Up Lab and Tools Used
Mobile Security Framework (Demo)
Analyzing App1
Analyzing App2
Comparison of issues in 10 Mobile Apps
Working with jadx,dex2jar , jd-gui, Decompiler( (Demo)
Dynamic Code Analysis
Setting Up Lab and Tools Used
Introduction to adb and commands used in it
Comparison of issues in 10 Mobile Apps
Diva Challenges(7 Demonstration and 6 POC)
Dynamic Analysis App1(WhatsApp)
Dynamic Analysis App2(Mobile Wallet)
Dynamic Analysis App3(Woo App)
Dynamic Analysis App4(Hacking Game Manually)
Dynamic Analysis App5(Hacking Game with Tools)
Mobile Forensics
The presentation focus on some known and unknown methods of android pentetration testing. I have taken help from many resources which I have mentioned in PPT.
This slide deck covers the automated & manual static code discovery of Android Application using opensource tools, Reverse engineering of apk file and Secure code review
The fundamentals of Android and iOS app securityNowSecure
Looking for a high-intensity bootcamp covering the basics of secure mobile development? This slideshare was originally presented by mobile security expert and NowSecure CEO Andrew Hoog for a 60-minute workshop at Security by Design covering the following topics:
+ Introduction to identifying security flaws in mobile apps (and how to avoid them)
+ Examples of secure and insecure mobile apps and how to secure them
+ Overview of secure mobile development based on the NowSecure Secure Mobile Development Best Practices
With the big delays in the time it takes until an iOS jailbreak is public and stable, it is often not possible to test mobile apps in the latest iOS version. Occasionally customers might also provide builds that only work in iOS versions for which no jailbreak is available. On Android the situation is better, but there can also be problems to root certain phone models. These trends make security testing of mobile apps difficult. This talk will cover approaches to defeat common security mechanisms that must be bypassed in the absence of root/jailbreak.
I attended the Android Penetration testing session organized by Null Bangalore. It was an AWESOME session by Ashish and everyone enjoyed it. This is the first time the Humla session was organized at Flipkart and it was beautiful venue. As I was sure that I may forget it later, I documented the entire session so that it will help me to revise it later as well. I have tried to make it as comprehensive as possible which gives you precise step by step instructions. It also covers most of the errors and solutions
we all faced during the session. This will help all of us to revise whatever we were taught in the Humla Session. It covers everything except the challenges. I am sure once you go through this document it will help you and others as well who were not able to attend.
Cheers !!!
Video at http://mrkn.co/andsec
With Android activations reaching a million devices per day, it is no surprise that security threats against our favorite mobile platform have been on the rise.
In this session, you will learn all about Android's security model, including application isolation (sandboxing) and provenance (signing), its permission system and enforcement, data protection features and encryption, as well as enterprise device administration.
Together, we will dig into Android's own internals to see how its security model is applied through the entire Android stack - from the Linux kernel, to the native layers, to the Application Framework services, and to the applications themselves.
Finally, you’ll learn about some of the weaknesses in the Android's model (including rooting, tap-jacking, malware, social-engineering) as well as what can be done to mitigate those threats, such as SE-Linux, memory protection, anti-malware, firewall, and developer best practices.
By the end of this session you will have a better understanding of what it takes to make Android a more trusted component of our personal and professional lives.
this is a short awareness talk in one of OWASP MEETUP sessions in University Kuala Lumpur, Malaysia, discussing about Android application penetration testing and how to discover potential vulnerabilities
An inconvenient truth: Evading the Ransomware Protection in windows 10 @ LeHackSoya Aoyama
How many sites do you use? Is the password long enough and secure? Do not tell me you reused it.
Unfortunately, we have not a memory good enough to remember so many passwords long and secure.
For this reason, there are several companies providing password management applications. However, are they really secure?
I have executed a man-in-the-middle attack against a certain password management application.
Surprisingly, the password was exchanged in plain text between .exe and .dll, and it was very easy to steal it.
The program I created is generic and, under certain conditions, can steal information between all .exe and .dll in Windows.
In this talk, I will demonstrate the actual attack, and provide technical explanations to enable this attack. And finally, I suggest ways to protect other apps from this attack.
Slides from my beginner level talk on FRIDA and its usage while Pentesting Android Applications. Covers topics like Installation of Frida and Bypassing Pinning and Root Detection using Frida.
Tools/Processes for serious android app developmentGaurav Lochan
I've managed a team that developed serious android apps, and ended up dabbling with tools out there and processes/systems. Here is a quick summary of the various things to think about if you're serious about android development, and in some cases, my recommendations.
This covers:
IDE
Build
Source Control
Bug/Task tracking
Crash reporting
Analytics
Test Automation
Continuous Integration
Device Matrix testing
Performance testing
Beta testing
A/B testing
Backend-as-a-Service
Advanced Malware Analysis Training Session 7 - Malware Memory Forensicssecurityxploded
This presentation is part of our Advanced Malware Analysis Training Series program.
For more details refer our Security Training page
http://securityxploded.com/security-training.php
The workshop will also provide a thorough guide on how the mobile applications can be attacked and provide an overview of how some of the most important security checks for the applications are applied and get an in-depth understanding of these security checks.
Course Content:
Android Introduction & Basics
Setting up the Pen testing environment
Reverse engineering & runtime manipulation
Application dynamic runtime analysis
Application Components and security issues
Data and Network interception – manipulation and analysis
Defensive Tools & Techniques for Android application
A high level view of how Netflix culture, open source technology, and custom software can build a continuous delivery pipeline to allow multiple deployments a day.
[Ultracode Munich #4] Short introduction to the new Android build system incl...BeMyApp
By Thomas Endres & Andres Würl both Senior Consultant from TNG Technology Consulting https://www.tngtech.com
Join the Ultracode Munich meetup: http://www.meetup.com/Ultracode-Munich/
"The widespread adoption of custom URI protocols to launch specific Windows Universal App can be diverted to a nefarious purpose. The URI schemes in Windows 10 can be abused in such a way to maintain persistence via the 'Living off the Land' approach. Backdooring a compromised Windows account in userland context is a matter of seconds. The operation is concealed to the unaware victim thanks to the URI intents being transparently proxyed to the legitimate default application. The subtle fileless payloads can be triggered in many contexts, from the Narrator available in the Windows logon screen (an undocumented Accessibility Feature abuse technique that set off this whole research) to the classical web 'attack surface'."
All this research started with a novel Accessibility Feature Abuse I discuss here:
https://www.secjuice.com/abusing-windows-10-for-fileless-persistence/
The tool was demo at BlackHat Europe Arsenal 2019:
https://www.blackhat.com/eu-19/arsenal/schedule/#backoori-tool-aided-persistence-via-windows-uri-schemes-abuse-18131
The term “usable security” is on everyone’s lips and there seems to be a general agreement that, first, security controls should
not unnecessarily affect the usability and unfriendliness of systems. And, second, that simple to use system should be preferred
as they minimize the risk of handling errors that can be the root cause of security incidents such as data leakages.
But it also seems to be a general surprise (at least for security experts), why software developers always (still) make so many
easy to avoid mistakes that lead to insecure software systems. In fact, many of the large security incidents of the last
weeks/months/years are caused by “seemingly simple to fix” programming errors.
Bringing both observations together, it should be obvious that we need usable and developer-friendly security controls and
programming frameworks that make it easy to build secure systems. Still, reality looks different: many programming languages, APIs, and frameworks provide complex interfaces that are, actually, hard to use securely. In fact, they are miles away from
providing usable security for developers.
In this talk, I will discuss examples of complex and “non-usable” security for developers such as APIs that, in fact, are (nearly)
impossible to use securely or that require a understanding of security topics that most security experts to not have (and, thus,
that we cannot expert from software developers).
Presentation for openSUSE Asia Summit 2015.
Here I explained what kind of security risk Docker is having, and how can we reduce the risk by using AppArmor.
Demystify Information Security & Threats for Data-Driven Platforms With Cheta...Chetan Khatri
Pragmatic presentation on Penetration testing for Data-Driven Platforms.
Agenda:
- Motivation
- Information Security - Ethics.
- Encryption
- Authentication
- Information Security & Potential threats with Open Source World.
- Find vulnerabilities.
- Checklist before using any Open Source library.
- Vulnerabilities report.
- Penetration Testing for Data-Driven Developments.
Issues and implementation of a process for creating a false digital alibi.
The aim is to produce a state of the personal computer that confirming a false digital alibi, following the execution of an automated procedure, without leaving any traces of automation. The aim is to answer to the questions:
1) How reliable is a digital alibi?
2) May have been artificially created?
Within the project, are discussed the issues to consider while creating a false alibi on a machine running Mac OS X and is demonstrated that it is possible to produce artificially "human" traces of machine use.
Similar to Android Security & Penetration Testing (20)
Unicom Conference - Mobile Application SecuritySubho Halder
Mobile adoption is strategic in every industry today. Although it can be a great catalyst for growth, the security risks that come with it cannot be overlooked. Even though this fact is established, many companies are still not following some of the mobile application security best practices. The goal of this is to raise awareness about application security by identifying some of the most critical risks facing organizations during development. We will be covering from basic OWASP top 10 security issues to live demos on different use-case scenarios on how a hacker can hack your application, and how to prevent them.
Outsmarting Hackers before your App gets Hacked - iOS Conf SG 2016Subho Halder
Mobile App Security is an issue which isn’t given much priority while your app is in the development stage, as a result of which hackers are able to target your iOS app.
This talk will feature the most common security mistake developers do, and how to fix them easily. It will also cover different security & privacy enhancements provided by Apple such as SecKey API, Differential Privacy, Cryptographic Libraries, et cetera in iOS 10 which will enable developers to ship secure applications in the Appstore
Security, Privacy & Convenience – key drivers for mobile adoption from a cons...Subho Halder
Appknox will talk about bole security and privacy from a consumer perspective and discuss things that businesses need to keep in mind. While time to market is an important thing, security should not be replaced by convenience.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
2. ./AboutMe.sh
Information Security Researcher
Trainer at BlackHat, OWASP AppSec, ToorCon, SysCan.
Lead Developer of AFE (Android Framework for Exploitation)
Python Lovers
Co-founder of XYSEC (http://xysec.com)
Have found bug in some famous websites including Google, Apple, Microsoft,
Skype, Adobe and many more
Monday, 23 September 13
3. Some Companies I have found Vulnerabilities in .....
And many more...
Monday, 23 September 13
4. ./Agenda
Quick Introduction to Android Internals
Android Security Model
Android Coding Best Practices
Android Malware, Technique, Effectiveness using AFE (Android Framework for
Exploitation)
Small Social Experiment !
Monday, 23 September 13
5. Android Internals.exe
Based on Linux kernel version 3.x (version 2.6 prior to Android 4.0 ICS)
Application runs through Dalvik VM (Dalvik Virtual Machine)
Dalvik VM runs executable files like dex (Dalvik executable) or apk files
apk files are zipped content of Resources, Signatures, classes.dex and
AndroidManifest.xml file
Monday, 23 September 13
6. Android Security Model.txt
Application are sandboxed (Runs with different UID and GID)
Zygote spawns a new process for each Application
Each Application runs with a separate instance of Dalvik VM
Special Permissions are provided to access Hardware API’s
Permissions are mentioned in AndroidManifest.xml file.
Monday, 23 September 13
7. Android Application.apk
Just an Archive !
Written mainly in Java and XML
Multiple Entry-points, such as Activity, Services,
Intents, Content Providers, etc.
Monday, 23 September 13
10. Uploading a sensitive file from SD-Card to
Remote Server without any Permission!
Read Files from
SD-Card
Uploads File to
Remote Server
Upload a file through
Browser
Permission not
Required for
READING files from
SD Card
Opening Browser
through INTENT
doesn’t requires
Permission
Intent(Intent.ACTION_VIEW, Uri.parse("http://google.com/"));
Save theValue in the
GET parameter to a
file in Server
Monday, 23 September 13
12. Android Coding Best Practices
Follow -> http://developer.android.com/guide/practices/index.html
Top 10 Mobile Risks (Outdated) -> https://www.owasp.org/index.php/
Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Risks
Attend more GDG Talks and other Security Conferences
Shoot me a tweet @sunnyrockzzs
Monday, 23 September 13
14. AndroidManifest.xml OMG ! (Contd.)
android:exported= “True” in <provider> will turn into a nightmare !
BTW by default it is “True” if either android:minSdkVersion or
android:targetSdkVersion to “16” or lower. For applications that set either of
these attributes to “17” or higher, the default is “false”.
Monday, 23 September 13
17. Android Malware (Common Features)
Send SMS to premium Number
Subscribe to premium Services
Dial Premium number
Steal messages, contact list, logs
Steal SD-Card files
Auto-respond to attackers’s text messages !
Monday, 23 September 13
18. Creating a Malware.vbs
Use CONTENT PROVIDERS
Make use of CURSORS & SQLITE databases
Write JAVA codes like crazy
Set up Server component
Get frustrated, start from bullet-point one.
Monday, 23 September 13
19. If you don’t have past relationship with JAVA
Monday, 23 September 13
23. “I am not Afraid” - Eminem
Monday, 23 September 13
24. Faking Legitimate Application?
Malware services generally injected in legitimate applications
How to do it?
legitimate apk Smali/Java
Add malicious
services/classes
RecompileFinal malware
Monday, 23 September 13
25. USE AFE TO AUTOMATE !!
Monday, 23 September 13
26. Android Framework for Exploitation.py
To make your life easier !
Find security vulnerabilities in your device+apps
Protect your device against malwares
Create automated malwares/botnets + send the data to a python listener
Inject malicious services in another applications
Use Android Exploits Crypt existing malwares to make them FUD
Monday, 23 September 13
29. Let’s Make it FUD
Matches the signature with its
database
Checks the activity, service and
other class names
checks the names of the variables
Checks the control flow graph
Monday, 23 September 13
30. Let’s Make it FUD
Matches the signature with its
database
Checks the activity, service and
other class names
checks the names of the variables
Checks the control flow graph
Rebuild + Zipalign
Monday, 23 September 13
31. Let’s Make it FUD
Matches the signature with its
database
Checks the activity, service and
other class names
checks the names of the variables
Checks the control flow graph
Modifies the classnames and all its
references within files
Example: Converts com.example.org to com.omg.lol
Monday, 23 September 13
32. Let’s Make it FUD
Matches the signature with its
database
Checks the activity, service and
other class names
checks the names of the variables
Checks the control flow graph
Split variables into two, and
append at runtime
Example:
String a = “hello”
Will now become
String aa = “hel”
String ab = “lo”
String a = aa + ab
Monday, 23 September 13
33. Let’s Make it FUD
Matches the signature with its
database
Checks the activity, service and
other class names
checks the names of the variables
Checks the control flow graph
Add dummy loops to change
CFG
Example:
goto end;
start: //everything in this label will execute, only when it is called
........
end: //everything in this label will execute, only when it is called
goto start;
Monday, 23 September 13
37. ./Conclusion -h
Be safe
Don’t download apps from 3rd party markets
Turn USB debugging OFF
Anti-virus vendors -> Switch to dynamic analysis Focus on BYOD security
We also conduct trainings on Advanced Mobile Hands-on Security/Exploitation
for both Android and iOS
Monday, 23 September 13
38. HEY WAIT!! WHERE IS THE
SOCIAL EXPERIMENT ?
Monday, 23 September 13