Difference between revisions of "Introduction to APK Reversing techniques"
| Line 4: | Line 4: | ||
== Background == | == Background == | ||
The main difference of IoT devices to arbitrary devices is that they offer network connectivity to allow mobile apps to read from sensors or control actuators. These apps can be used for monitoring e.g. smart fitness devices or the remote control of these devices e.g. smart lightbulp. In the OWASP IoT Top 10 security vulnerabilities mobile interfaces are included in the Insecure Ecosystem Interfaces at the third rank. Therefore a | The main difference of IoT devices to arbitrary devices is that they offer network connectivity to allow mobile apps to read from sensors or control actuators. These apps can be used for monitoring e.g. smart fitness devices or the remote control of these devices e.g. smart lightbulp. In the OWASP IoT Top 10 security vulnerabilities mobile interfaces are included in the Insecure Ecosystem Interfaces at the third rank. Therefore a security assessment of the android app is part of the security analysis of an IoT device. | ||
=== Android System === | === Android System === | ||
[[File:Andoid.png]] | |||
<div style="float: right; margin-left: 20px"> | |||
</div> | </div> | ||
| Line 19: | Line 19: | ||
== Used Hardware == | == Used Hardware == | ||
[[ | [[Motorola Moto G4 Play Smartphone 16 GB, Android, Dual-SIM, black]] | ||
== Courses == | == Courses == | ||
Revision as of 19:13, 31 March 2020
Summary
This page describes various methods that can be used to reverse mobile phone applications. An Android Package Kit (APK) is the package file format used by the Android operating system for distribution and installation of mobile apps.
Background
The main difference of IoT devices to arbitrary devices is that they offer network connectivity to allow mobile apps to read from sensors or control actuators. These apps can be used for monitoring e.g. smart fitness devices or the remote control of these devices e.g. smart lightbulp. In the OWASP IoT Top 10 security vulnerabilities mobile interfaces are included in the Insecure Ecosystem Interfaces at the third rank. Therefore a security assessment of the android app is part of the security analysis of an IoT device.
Android System
Android is based on a security hardened Linux which supports various security features such as Address Space Layout Randomization (ASLR), Canaries, non executable stack (NX memory areas) and allows only position-independent executable code. Further all system calls are firewalled and each application runs isolated for one user, the apps are usually sandboxed. Android provides a permission system for the access of resources such as contacts or camera.
Android Runtime (ART)
The Android runtime is the managed runtime used by applications and some system services on Android.The ART predecessor Dalvik VM was using a just-in-time (JIT) compiler at runtime whereas ART primarily generates a native executable in ELF format during the installation. This is also called ahead-of-time (AOT) compilation, furthermore ART includes a JIT compiler for performance reasons and update processes [1]. Both Dalvik VM and ART use the Dalvik Executable format[2] and Dex bytecode specification[3]. Android recommends writing your apps in Java code with Android SDK instead of using the native code interface Android NDK.
Used Hardware
Motorola Moto G4 Play Smartphone 16 GB, Android, Dual-SIM, black
Courses
- Campus Cyber Security Team (2020)