Download presentation
Presentation is loading. Please wait.
Published byByron Lewis Modified over 9 years ago
1
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris Papamartzivanos
2
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android SecurityCydia SubstrateSet the SystemExample
3
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security Permission Model Use permissions to escape the sandbox and interact with system resources Inform users about app permissions Isolation By default, each app runs in separate process Linux kernel is responsible for app sandboxing Applications get a dedicated part of file system (Read/Write private data, databases, raw files) No app can adversely affect other apps, the System and the user of the device Android Security Model Fundamentals Data Encryption Encrypts /data partition with AES128 with CBC and ESSIV:SHA256 Application Signing Applications must be signed by the developers otherwise will be rejected Bonds of Trust between: Google-Developers and Developers-applications Developers can be held accountable for behavior of their application Personal Information APIs, Cost-Sensitive APIs, Access Control ……
4
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Why Root? Get apps from third-party repositories. Get them for Free... Android isn't open enough to give you some of the features you want. Why root my android Device? Why am I always three updates behind? Get the new OS updates. Download and install functional custom-built ROMs. Speed/Battery Life Boosts. Back-up everything. Even apps and settings. Get rid of annoying, battery-draining, space-wasting, preinstalled software. Modify Dark Corners of Android System. Debugging applications and system components For your reasons…
5
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Dangers of Rooting Root access to apps increase the security exposure to malicious applications and potential application flaws By default, only the kernel and a small subset of the core apps run with root permissions Dangers of Rooting Installing a new operating system that provides root privileges requires that the bootloader erase existing data. BUT this is not the case when Root access gained via exploiting a kernel bug or security hole. Encrypting data with a key stored on-device does not protect the application data from root users App isolation model is compromised Generally, all fall-apart when we allow un-trusted code to run as root
6
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Permisions Permissions on malwares Dissecting Android Malware: Characterization and Evolution – Yajin Zhou and Xuxian Jiang IEEE Symposium on Security and Privacy 2012
7
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Cydia Substrate Jay Freeman (saurik) Announced Substrate for Android in 2011 While Android itself is “open”, devices that run it often aren’t Mobile substrate extensions or “Tweaks” – modifications to the experience of the system Allow users change the software running on the device and get the features they want! Changes on system itself Changes on Third-Party applications How: By hooking method invocations and objects’ creation Start Finish
8
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab STEPS 1 3 4 7 6 9 8 Get the Android SDK Root your phone Get the API level you need using SDK Manager Intergrade Substrate extension in your Project Create your Android Project Hook your Methods Restart your System… Get Cydia Substrate from Google play Get the Substrate SDK using SDK Manager 2 5
9
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Violet Example Classes can load at any time. Substrate provides the means to detect when classes of interest are loaded. void hookClassLoad(String name, MS.ClassLoadHook hook); Name: The name of the loading class Hook: instance of MS.ClassLoadHook whose classLoaded method will be executed when the class is loaded. The most critical task is to modify the operation of existing code. To do this implies being able to both replace any method as well as be able to call through to the original implementation. void hookMethod(Class _class, Member member, MS.MethodHook hook, MS.MethodPointer old); _class: Class for which member will be hooked Member: The method (or the constructor) which is going to be hooked Hook: Instance of MS.MethodHook whose invoked method contains our code Old: Instance of MS.MethodPointer pointing to the original implementation of member
10
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Be Prepared… In a situation like that… hold the volume-up key pressed! Many things can go wrong when developing at this level! Your system may crash during boot time. The Substrate must be unlinked…
11
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab void sendTextMessage (String destinationAdd, String scAdd, String text, PendingIntent sentIntent, PentingIntent deliveryIntent); public InetSocketAddress (InetAddress address, int port); Using Cydia Substrate to analyze applications’ behavior. What about hooking these methods? More Hooks… Can we use Cydia Substrate for good purposes?
12
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Cydia Substrate: http://www.cydiasubstrate.com/http://www.cydiasubstrate.com/ Android Security Overview: http://source.android.com/devices/tech/security/#interprocess-communicationhttp://source.android.com/devices/tech/security/#interprocess-communication Android Developers API: http://developer.android.com/reference/packages.htmlhttp://developer.android.com/reference/packages.html Permission Statistics: Dissecting Android Malware: Characterization and Evolution – Yajin Zhou and Xuxian Jiang IEEE Symposium on Security and Privacy 2012 References…. References…
13
iOS & Android Security, Hacking and Tweaking Workshop D.Papamartzivanos University Of the Aegean – Info Sec Lab Android Security – Cydia Substrate Dimitris Papamartzivanos Thank you!
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.