Introduction to APK Reversing techniques

From Embedded Lab Vienna for IoT & Security
Revision as of 18:59, 31 March 2020 by Ikramer (talk | contribs)

Summary

This page describes various methods that can be used to reverse mobile phone applications. An Android Package Kit (APK) is the package file format used by the Android operating system for distribution and installation of mobile apps.

Background

The main difference between IoT devices and arbitrary devices is that they offer network connectivity, which allows mobile apps to read from sensors or control actuators. These apps can be used for monitoring, e.g. of smart fitness devices, or for remote control, e.g. of a smart lightbulb. In the OWASP IoT Top 10 security vulnerabilities, mobile interfaces are included in Insecure Ecosystem Interfaces, at the third rank. Therefore an Android security assessment is part of the security analysis of an IoT device.

Android System


Android is based on a security-hardened Linux that supports various security features such as Address Space Layout Randomization (ASLR), canaries and a non-executable stack (NX memory areas), and that allows only position-independent executable code. Furthermore, all system calls are firewalled and each application runs isolated under one user, so apps are usually sandboxed. Android provides a permission system for access to resources such as contacts or the camera.

Android Runtime (ART)

The Android runtime is the managed runtime used by applications and some system services on Android. The ART predecessor, the Dalvik VM, used a just-in-time (JIT) compiler at runtime, whereas ART primarily generates a native executable in ELF format during installation. This is also called ahead-of-time (AOT) compilation. In addition, ART includes a JIT compiler for performance reasons and update processes [1]. Both the Dalvik VM and ART use the Dalvik Executable format [2] and the Dex bytecode specification [3]. Android recommends writing apps in Java with the Android SDK instead of using the native code interface, the Android NDK.
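As a first triage step when reversing an APK, the Dalvik Executable files it contains can be located and their headers checked. The following Python sketch is an added example, not part of the original page: it treats the APK as a ZIP archive, parses the fixed-size DEX header of every `.dex` entry and verifies the Adler-32 checksum and SHA-1 signature stored there. The function names and the header-only sample built by `make_sample_apk` are constructed for illustration.

```python
import hashlib
import io
import struct
import zipfile
import zlib

DEX_HEADER_SIZE = 0x70          # fixed size of header_item
ENDIAN_CONSTANT = 0x12345678    # little-endian marker expected in endian_tag

def parse_dex_header(data: bytes) -> dict:
    """Parse the DEX header_item and verify its two integrity fields."""
    if len(data) < DEX_HEADER_SIZE or data[:4] != b"dex\n" or data[7] != 0:
        raise ValueError("not a DEX file")
    (checksum,) = struct.unpack_from("<I", data, 8)
    file_size, header_size, endian_tag = struct.unpack_from("<III", data, 32)
    (strings,) = struct.unpack_from("<I", data, 56)   # string_ids_size
    (methods,) = struct.unpack_from("<I", data, 88)   # method_ids_size
    (classes,) = struct.unpack_from("<I", data, 96)   # class_defs_size
    return {
        "version": data[4:7].decode("ascii"),
        "size_ok": file_size == len(data) and header_size == DEX_HEADER_SIZE,
        "endian_ok": endian_tag == ENDIAN_CONSTANT,
        # Adler-32 covers everything after the checksum field itself.
        "checksum_ok": checksum == zlib.adler32(data[12:]) & 0xFFFFFFFF,
        # SHA-1 covers everything after the signature field.
        "signature_ok": data[12:32] == hashlib.sha1(data[32:]).digest(),
        "strings": strings, "methods": methods, "classes": classes,
    }

def scan_apk(apk: bytes) -> dict:
    """Return {entry name: parsed header} for every .dex entry in an APK (ZIP)."""
    with zipfile.ZipFile(io.BytesIO(apk)) as zf:
        return {n: parse_dex_header(zf.read(n))
                for n in zf.namelist() if n.endswith(".dex")}

def make_sample_apk() -> bytes:
    """Constructed sample: an APK-shaped ZIP holding an empty, header-only DEX."""
    tail = struct.pack("<III", DEX_HEADER_SIZE, DEX_HEADER_SIZE, ENDIAN_CONSTANT)
    tail += bytes(DEX_HEADER_SIZE - 44)   # all table sizes and offsets are zero
    sig = hashlib.sha1(tail).digest()
    dex = b"dex\n035\x00" + struct.pack("<I", zlib.adler32(sig + tail)) + sig + tail
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"constructed placeholder")
        zf.writestr("classes.dex", dex)
    return buf.getvalue()

if __name__ == "__main__":
    for name, info in scan_apk(make_sample_apk()).items():
        print(name, info)
```

A failed checksum or signature on a real `classes.dex` indicates that the file was modified after it was built, or that the extraction is damaged.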

Used Hardware


Courses


References

[1] [2] [3]