This document discusses building an Android app to reveal security holes. It begins by instructing attendees to connect to an open wireless network and allow non-market apps. It then discusses Android security principles like permissions and sandboxing. It notes the implications of rooting a device, including granting permissions and accessing app data. The document describes exploiting the Facebook SDK to steal login credentials from other apps. It recommends attendees download code from a GitHub link to create an app that can steal Facebook logins in the background without user knowledge.

1. Freek Kauffmann Paul Lammertsma
Workshop
Build an app that reveals
security holes on Android

2. Before we start
1. Connect to the open wireless network
2. Android setting: allow non-market
applications
3. Download AIDE from Google Play

7. APPS!

8. Android
• What are the security principles of Android?
– POSIX based (Linux)
– User IDs and File Access
– Permissions
– Application signing (identifies developer)
– Sandboxing (application isolation)

9. Android
• Implications of rooting your device?
– You can modify the Operating System
– You can replace all applications
– Access all application data
– Grant/revoke permissions
– Send data to and from the phone
• Others (malicious software?) can do the same!*

10. Android
• Facebook SDK exploit (April, David Poll)
– Logcat
– Let’s hack this!

11. We’ll make an app that…
• Steals Facebook login from bonafide apps
– Draw Something Free
– Hootsuite
– Facebook Marketplace (Oodle)
– Soundhound
– LauncherPro
– Sleepy Jack
– Airport City, Diamonds Blaze
and others by Game Insight

12. github
https://github.com/pflammertsma/FacebookThief.git

13. https://github.com/pflammertsma/FacebookThief.git
continues on
next slide…

15. Facebook Thief
Tap to enable
the background
service

16. Freek Kauffmann Paul Lammertsma
freek.kauffmann@itq.nl paul@pixplicity.com