DECOMPILING ANDROID Godfrey Nolan 1DevDay 11/5/11.

Slides:

Advertisements

Similar presentations

What is a Computer Program? For a computer to be able to do anything (multiply, play a song, run a word processor), it must be given the instructions.

Advertisements

Cracking the Code of Mobile Application OWASP APPSEC USA 2012

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Northwestern University, IL, US,

Introduction To Java Objectives For Today â Introduction To Java â The Java Platform & The (JVM) Java Virtual Machine â Core Java (API) Application Programming.

Build your Android App with Gradle Android new build system.

Policy Weaving for Mobile Devices Drew Davidson. Smartphone security is critical – 1200 to 1400 US Army troops to be equipped with Android smartphones.

Wangjun Hong, Zhengyang Qu, Northwestern University, IL, US,

UFCFX5-15-3Mobile Device Development iOS Development Review.

Asst.Prof.Dr.Ahmet Ünveren SPRING Computer Engineering Department Asst.Prof.Dr.Ahmet Ünveren SPRING Computer Engineering Department.

01 Introduction to Java Technology. 2 Contents History of Java What is Java? Java Platforms Java Virtual Machine (JVM) Java Development Kit (JDK) Benefits.

Java Security Updated May Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security.

Cosc 5/4730 Sign, convert, and install Android files on Blackberry Playbook.

Reverse Engineering Obfuscated Android Applications

Android Introduction Platform Overview.

Android and Eclipse Thaddeus Diamond CPSC 112. A Quick Introduction Eclipse is an IDE (Integrated Development Environment Open Source Much more full-featured.

Introduction to Mobile Malware

DroidKungFu and AnserverBot

Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.

Introduction to Android Swapnil Pathak Advanced Malware Analysis Training Series.

A survey of Buffer overflow exploitation on HTC touch mobile phone Advanced Defense Lab CSIE NCU Chih-Wen Ou.

M1G Introduction to Programming 2 4. Enhancing a class:Room.

Mobile Devices Carry Hidden Threats With Financial Consequences Hold StillInstalled.

Application Security Tom Chothia Computer Security, Lecture 14.

@2011 Mihail L. Sichitiu1 Android Introduction Platform Overview.

Daniel, Stephen & Thomson 1. » Easy for learners to create mobile apps for Android smart phones » Visually fitting together puzzle piece-shaped "programming.

Is Your Mobile App Secure. DEF CON 23 Wall of Sheep Sat

What is Android NDK ● A toolset that lets you embed in you app native source code ● C, C++(recently supported December 2010) and assembly(?) ● It is supported.

Java Mobile Apps with GWT & PhoneGap Josh Marinacci, webOS Developer Advocate.

Introduction to Java CSIS 3701: Advanced Object Oriented Programming.

HTML5 for Mobile Andrew Kinai. HTML vs HTML5 HTML:A language that describes documents' formatting and content, which is basically composed of static text.

Android for Java Developers Denver Java Users Group Jan 11, Mike

Chapter 34 Java Technology for Active Web Documents methods used to provide continuous Web updates to browser – Server push – Active documents.

Roopa.T PESIT, Bangalore. Source and Credits Dalvik VM, Dan Bornstein Google IO 2008 The Dalvik virtual machine Architecture by David Ehringer.

Just as there are many human languages, there are many computer programming languages that can be used to develop software. Some are named after people,

EECS 354 Network Security Reverse Engineering. Introduction Preventing Reverse Engineering Reversing High Level Languages Reversing an ELF Executable.

Android Security Auditing Slides and projects at samsclass.info.

BIT 285: ( Web) Application Programming Lecture 15: Tuesday, February 24, 2015 Microsoft Azure Instructor: Craig Duckett.

ANDROID BY:-AANCHAL MEHTA MNW-880-2K11. Introduction to Android Open software platform for mobile development A complete stack – OS, Middleware, Applications.

1 Java applications reverse engineering Antoni Bertel AUGUST 4, 2015.

Created By. Jainik B Patel Prashant A Goswami Gujarat Vidyapith Computer Department Ahmedabad.

Core Java Introduction Byju Veedu Ness Technologies httpdownload.oracle.com/javase/tutorial/getStarted/intro/definition.html.

SMARTPHONE FORENSICS 101 General Overview of Smartphone Investigations.

Slides and projects at samsclass.info. Adding Trojans to Apps Slides and projects at samsclass.info.

SD1230 Unit 3 Under the Hood. Objectives During this unit, we will cover the following course objectives: – Describe how a computer program is compiled.

ITP 109 Week 2 Trina Gregory Introduction to Java.

丁建文國立高雄應用科大資管系副教授兼任計網中心軟體發展組組長跨平台行動應用軟體開發技術 : HTML5 & Mobile JavaScript Framework 暨南大學.

 Group 6 Project Presentation. Application Overview  The idea of the Android application is to use the Gale–Shapley algorithm that will match Medical.

G2 - Keit Team members: ●Siyang Piao ●Peter Huang ●Bojun Jin ●Ivy Wang ●Jing Wang.

Android. Android An Open Handset Alliance Project A software platform and operating system for mobile devices Based on the Linux kernel Developed by Google.

Guide To Develop Mobile Apps With Titanium. Agenda Overview Installation of Platform SDKs Pros of Appcelerator Titanium Cons of Appcelerator Titanium.

Sung-Dong Kim, Dept. of Computer Engineering, Hansung University Java - Introduction.

How to Enable Account Key Sign Instead Of Password In Yahoo? For more details:

Computer System Structures

Mobile Hacking - Fundamentals

Android Mobile Application Development

Why don’t programmers have to program in machine code?

Visit for more Learning Resources

Cash Me Presented By Group 8 Kartik Patel, Aaron Zhong, Wen-Kai Chen,

CASE STUDY 1: Linux and Android

Java programming lecture one

CMPE419 Mobile Application Development

Un</br>able’s MySecretSecrets

Microsoft Office Access 2003

Obfuscation in .NET Atchyutuni Shilpa CS-795.

Android Introduction Platform Mihail L. Sichitiu.

Android Platform, Android App Basic Components

Obfuscation Aparna Belhe CS-795.

CMPE419 Mobile Application Development

Running C# in the browser

Presentation transcript:

DECOMPILING ANDROID Godfrey Nolan 1DevDay 11/5/11

Intro What is a Decompiler? Why Android? Decompilers Protect Yourself Raising the Bar

SPAM #1

What is a Decompiler Reverse Engineers apps into source code Many languages can be decompiled Java, C#, VB.Net., Visual Basic Others can only be disassembled C, C++, Objective-C Java and.Net particularly at risk Because of JVM and CLR design Why use decompilers? Curiosity, Hacking, Learning, Fair Use

Why Java Exploits JVM Design Originally interpreted not compiled Lots more symbolic information than binaries Data and method separation Simple classfile structure Very few opcodes

Why Java

Classfile { intmagic, short minor_version, short major_version, shortconstant_pool_count, cp_infoconstant_pool[constant_pool_count], shortaccess_flags, shortthis_class, shortsuper_class, shortinterfaces_count, interface_infointerfaces[interfaces_count], shortfields_count, field_infofields[field_count], shortmethods_count, method_infomethods[methods_count], shortattribute_count, attr_infoattributes[attributes_count] }

Why Java

Why Android Client side code Easy access to apk’s Download apk to sd card using Astro File Mgr Download from xdadevelopers forum Download using ‘adb pull’ on jailbroken phone Nobody is using obfuscation 1 out of 20 apks downloaded were protected Easy to convert apk to Java to decompile

Why Android

 java –jar dex2jar.jar com.riis.mobile.apk  jd-gui com.riis.mobile.apk.dex2jar

Why Android Dex file Different structure Different opcodes Register based not stack based Multiple JVMs on device

Why Android

Why not iPhone? Objective-C Compiled not interpreted Much less information Fat binaries approach Can still be disassembled strings and otool unix commands Other tools like IDA Pro

Why Android Jailbreak/Root phone Use Z4Root Uses RageAgainstTheCage Trojan exploit Not available on Android Marketplace ;-) Using Android SDK platform tools Turn on USB debugging Find apk using adb shell Download using adb pull

Why Android

Even easier is the apk-tool Install APK-tool Download apk Right click

Decompilers Jive Mocha JAD SourceAgain JD-GUI

Possible Exploits Web Service API keys exposed Database logins Credit Card information Fake apps

Possible Exploits

public static final String USER_NAME = "BC7E9322-0B6B-4C28B4"; public static final String PASSWORD = "waZawuzefrabru96ebeb";

Protect Yourself Protect code before releasing Hard to recover once it’s been made available Obfuscators ProGuard DashO Native Code Use C++ and JNI 99.99% of Android devices run on ARM processor Use digital signature checking to protect lib

Protect Yourself ProGuard: Detects and removes unused classes, fields, methods, and attributes. Optimizes bytecode and removes unused instructions. Renames remaining classes, fields, and methods using short meaningless names. Preverifies the processed code for Java. Enable in default.properties files proguard.config=proguard.cfg

Protect Yourself DashO (basic): Improvement over ProGuard's naming by using strange characters and heavily reusing the same names at different scopes. Does much more involved control flow obfuscation than ProGuard, reordering code operations to make them very difficult to understand and often breaking decompilers. Supports string encryption to render important string data unreadable to attackers.

Protect Yourself DashO (advanced): Supports tamper detection, handling, and reporting to prevent users from changing the compiled code, even while debugging, and to alert you if it happens. Can automatically inject Preemptive's Runtime Intelligence functionality for remote error reporting.

Protect Yourself DashO demo

Protect Yourself - Decompiled

Protect Yourself - ProGuard

Protect Yourself – DashO

Protect Yourself – JNI jstring Java_com_getPassword(JNIEnv* env, jobject thiz) { char *password = “waZawuzefrabru96ebeb”; return (*env)->NewStringUTF(env, password); }

Protect Yourself – JNI

Links format-revealed.html format-revealed.html

Raising the Bar APK’s are available Tools are easy to use Turn on ProGuard Investigate other obfuscators Hide keys using JNI Don’t put sensitive information unencrypted in APKs

SPAM #2 RIIS LLC Southfield, MI Clients Fandango DTE Comerica BCBSM Mobile Development DTE Outage Maps Broadsoft Front Office Assistant Contact Information