bypassing the android permission model
play

Bypassing the Android Permission Model Georgia Weidman Founder and - PowerPoint PPT Presentation

Mar 05, 2023 •368 likes •819 views

Bypassing the Android Permission Model Georgia Weidman Founder and CEO, Bulb Security LLC Is the permission model working? Are users making good decisions? Most Popular Android App Demo App abusing permissions Demo explained Permissions:

  1. Bypassing the Android Permission Model Georgia Weidman Founder and CEO, Bulb Security LLC

  2. Is the permission model working? Are users making good decisions?

  3. Most Popular Android App

  4. Demo App abusing permissions

  5. Demo explained Permissions: − Read IMEI − Read Contacts − Send SMS We exploited every one of these

  6. Rooting Android

  7. Rooting Android for Evil (DroidDream)

  8. DroidDream Permissions INTERNET READ_PHONE_STATE CHANGE_WIFI_STATE ACCESS_WIFI_STATE

  9. DroidDream

  10. DroidDream

  11. DroidDream Rooting Exploid CVE-2010-Easy (RageAgainsttheCage)

  12. DroidDream Root Payload  Permission model no longer applies − installed packages − All personal data − Send to C&C

  13. Rooting Android

  14. Demo Demo: Malicious post root payload

  18. How the Botnet Works Bot Receives a Message Bot Decodes User Data Checks for Bot Key Performs Functionality

  19. Mitigation  Users update their phones  That means they need the updates pushed out  That means you third party platforms!!

  22. Android Storage  Sdcard  VFAT  With apps  Only visible to app (default)  World readable

  23. Demo Exploiting bad storage practices

  24. Demo Explained  Stores sensitive data on the sdcard  Sdcard is VFAT  Everything is world readable

  25. Demo Explained  Discovers how the data is stored  Accesses it  Sends it to an attacker

  26. Code Examples Vulnerable Code Malicious Code

  27. BadSaveFile

  28. BadSendFile

  29. Wait? How do we get source code? Winzip/7zip etc. dex2jar jd-gui Whitepaper with more info: http://cdn01.exploit-db.com/wp- content/themes/exploit/docs/17717.pdf

  33. Nonsensical Code while (true) { if (i < 0); String str; while (true) { return; try {

  34. Mitigation  Store information securely  Not on sdcard  Not in source code  Not world readable

  35. Android Interfaces  Call other programs  Don't reinvent the wheel  Take a picture  Twitter from photo app

  36. Demo Exploiting open interface with SMS functionality

  37. Demo Explained  When it is called it sends an SMS  Caller can set the number and message  Sadly this is considered useful!

  38. Demo Explained  Calls the SMSBroadcastr  Sends number and message  Sends an SMS

  39. Code Examples Vulnerable Code Malicious Code

  40. SMSBroadcastr

  41. SMSIntent

  42. Mitigations  Don't have dangerous functionality available in interfaces  Require user interaction (click ok)  Require-permission tag in manifest for interface

  43. Contact Georgia Weidman georgiaweidman.com bulbsecurity.com georgia@bulbsecurity.com @georgiaweidman

Recommend

A certified reference validation mechanism for the permission model of Android Gustavo Betarte

A certified reference validation mechanism for the permission model of Android Gustavo Betarte

Motivation Introduction Specification Verification A certified reference validation mechanism for the permission model of Android Gustavo Betarte Juan Campo Felipe Gorostiaga Carlos Luna InCo, Facultad de Ingenier a, Universidad de

850 views • 73 slides
Small Changes, Big Changes: An Updated View on the Android Permission System Yury Zhauniarovich

Small Changes, Big Changes: An Updated View on the Android Permission System Yury Zhauniarovich

Small Changes, Big Changes: An Updated View on the Android Permission System Yury Zhauniarovich Olga Gadyatskaya RAID 2016 Sensitive Resource Protection in Android Android is the most popular mobile OS: - ~ 2 billion of third-party apps

523 views • 24 slides
AVPASS: Automatically Bypassing Android Malware Detection System Jinho Jung, Chanil Jeon, Max

AVPASS: Automatically Bypassing Android Malware Detection System Jinho Jung, Chanil Jeon, Max

AVPASS: Automatically Bypassing Android Malware Detection System Jinho Jung, Chanil Jeon, Max Wolotsky, Insu Yun, and Taesoo Kim Georgia Institute of Technology, July 27, 2017 Ab About t Us SSLab (@GT) Focusing on s ystem and security

1.25k views • 72 slides
Bypassing Android Password Manager Apps Without Root Stephan Huber, Siegfried Rasthofer, Steven

Bypassing Android Password Manager Apps Without Root Stephan Huber, Siegfried Rasthofer, Steven

Bypassing Android Password Manager Apps Without Root Stephan Huber, Siegfried Rasthofer, Steven Arzt Fraunhofer SIT 2 Stephan Siegfried Mobile Security Researcher at Head of Department Secure Fraunhofer SIT Software Engineering

948 views • 58 slides
SigPID: Significant Permission Identification for Android Malware Detection Authors: Lichao Sun,

SigPID: Significant Permission Identification for Android Malware Detection Authors: Lichao Sun,

SigPID: Significant Permission Identification for Android Malware Detection Authors: Lichao Sun, Zhiqiang Li, Qiben Yan, Witawas Srisa-an and Yu Pan Department of Computer Science and Engineering University of Nebraska Lincoln Presenters: Yu

999 views • 24 slides
BE PARANOID OR NOT TO BE ? Alize PENEL Linux and Android System Developer Dev Team Member

BE PARANOID OR NOT TO BE ? Alize PENEL Linux and Android System Developer Dev Team Member

BE PARANOID OR NOT TO BE ? Alize PENEL Linux and Android System Developer Dev Team Member Agenda 02 03 01 Network Security Internet socket in Aspects Permission in Android OS Marshmallow INTERNET PERMISSION IN MARSHMALLOW

584 views • 33 slides
Static Analysis for Extracting Permission Checks of a Large Scale Framework: The Challenges And

Static Analysis for Extracting Permission Checks of a Large Scale Framework: The Challenges And

Android Framework Static Analysis for Extracting Permission Checks of a Large Scale Framework: The Challenges And Solutions for Analyzing Android Alexandre Bartel University of Luxembourg September 8, 2014 Supervisor: Yves Le Traon Advisors:

992 views • 77 slides
THESE ARENT THE PERMISSIONS YOURE LOOKING FOR Anthony Lineberry David Luke Richardson

THESE ARENT THE PERMISSIONS YOURE LOOKING FOR Anthony Lineberry David Luke Richardson

THESE ARENT THE PERMISSIONS YOURE LOOKING FOR Anthony Lineberry David Luke Richardson Tim Wyatt BlackHat USA 2010 AGENDA Android Internals Overview Security/Permission Model Why Ask For Permission When You Can Ask For

1.17k views • 87 slides
TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party

TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party

TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applications Faysal Hossain Shezan, Kaiming Cheng, Zhen Zhang, Yinzhi Cao, Yuan Tian Permission-based Access Control Android Chrome IFTTT 2

842 views • 82 slides
Permission Specification Kathy Au, Billy Zhou, James Huang, David Lie University of Toronto

Permission Specification Kathy Au, Billy Zhou, James Huang, David Lie University of Toronto

PScout: Analyzing the Android Permission Specification Kathy Au, Billy Zhou, James Huang, David Lie University of Toronto Smartphone Permission System Smartphones are loaded with sensors GPS, camera, microphone, NFC, Wi-Fi radio, etc.

601 views • 27 slides
Developers Google Maps Android API v2 Make your Android app pop with Google Maps Android API v2

Developers Google Maps Android API v2 Make your Android app pop with Google Maps Android API v2

Developers Google Maps Android API v2 Make your Android app pop with Google Maps Android API v2 Anthony Morris Jan-Felix Schmakeit Tech Lead, Android Maps API Android Developer Relations Code, Slides, Worksheet: http://goo.gl/MfY67 Welcome!

687 views • 49 slides
CS5530 Mobile/Wireless Systems GPS/Location in Android Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems GPS/Location in Android Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems GPS/Location in Android Yanyan Zhuang Department of Computer Science http://www.cs.uccs.edu/~yzhuang UC. Colorado Springs CS5530 Ref. CN5E, NT@UW, WUSTL Android Location Interface 1. Request permission in

207 views • 10 slides
Introduction to Android Development What is Android? Android is the customizable, easy to

Introduction to Android Development What is Android? Android is the customizable, easy to

Introduction to Android Development What is Android? Android is the customizable, easy to use operating system that powers more than a billion devices across the globe - from phones and tablets to watches, TV, cars and more to come.

464 views • 21 slides
- Rohit Vobbilisetty What is the Camera API Capture Photos Capture Videos Camera API -

- Rohit Vobbilisetty What is the Camera API Capture Photos Capture Videos Camera API -

- Rohit Vobbilisetty What is the Camera API Capture Photos Capture Videos Camera API - Android 2 Before starting Declare the permissions in the Android Manifest Camera Usage: &lt;uses-permission android:name=

355 views • 19 slides
Bypassing Memory Protections: The Future of Exploitation Alexander Sotirov alex@sotirov.net

Bypassing Memory Protections: The Future of Exploitation Alexander Sotirov alex@sotirov.net

Bypassing Memory Protections: The Future of Exploitation Alexander Sotirov alex@sotirov.net About me Exploit development since 1999 Research into reliable exploitation techniques: Heap Feng Shui in JavaScript Bypassing browser

1.1k views • 48 slides
CS619 Android 101 BENCE CSERNA Android: Manifest example Android: Manifest &lt;manifest

CS619 Android 101 BENCE CSERNA Android: Manifest example Android: Manifest &lt;manifest

Project #1: Color Guess Game CS619 Android 101 BENCE CSERNA Android: Manifest example Android: Manifest &lt;manifest xmlns:android=&quot;http://schemas.android.com/apk/res/android&quot; package=&quot;net.cserna.bence.colorguess

201 views • 3 slides
What other Android APIs may be useful for ubicomp? Speaking to Android Ref: Professional Android 4

What other Android APIs may be useful for ubicomp? Speaking to Android Ref: Professional Android 4

What other Android APIs may be useful for ubicomp? Speaking to Android Ref: Professional Android 4 Development, Meier, Ch 11, pg 437 Speech recognition: Accept inputs as speech (instead of typing) e.g. dragon dictate app? Note: Google

333 views • 16 slides
Exploratory Android Surgery Digging into droids. Jesse Burns Black Hat USA 2009 Android is a

Exploratory Android Surgery Digging into droids. Jesse Burns Black Hat USA 2009 Android is a

Exploratory Android Surgery Digging into droids. Jesse Burns Black Hat USA 2009 Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. https://www.isecpartners.com Agenda Android Security Model

725 views • 47 slides
Android AsyncTask AsyncTask Android AsyncTask is an abstract class provided by Android

Android AsyncTask AsyncTask Android AsyncTask is an abstract class provided by Android

Android AsyncTask AsyncTask Android AsyncTask is an abstract class provided by Android which gives us the liberty to perform heavy tasks in the background and keep the UI thread light thus making the application more responsive. Basic

240 views • 5 slides
Bypassing Web Application Firewalls an approach for pentesters KHALIL BIJJOU SECURITY

Bypassing Web Application Firewalls an approach for pentesters KHALIL BIJJOU SECURITY

Bypassing Web Application Firewalls an approach for pentesters KHALIL BIJJOU SECURITY CONSULTANT 17 th November 2017 BYPASSING A WAF WHY? Number of deployed Web Application Firewalls (WAFs) is increasing WAFs make a penetration

533 views • 34 slides
Android Android Application Development - Ashwin Agenda Android Platform Overview

Android Android Application Development - Ashwin Agenda Android Platform Overview

Android Android Application Development - Ashwin Agenda Android Platform Overview Installation Building Blocks Application Development Development Tools Source walk through Introduction to Android Open software

978 views • 49 slides
CS371m - Mobile Computing Android Overview and Android Development Environment What is Android?

CS371m - Mobile Computing Android Overview and Android Development Environment What is Android?

CS371m - Mobile Computing Android Overview and Android Development Environment What is Android? A software stack for mobile devices that includes An operating system Middleware Key Applications Uses Linux to provide core

1.49k views • 70 slides
CS378 - Mobile Computing Android Overview and Android Development Environment What is Android?

CS378 - Mobile Computing Android Overview and Android Development Environment What is Android?

CS378 - Mobile Computing Android Overview and Android Development Environment What is Android? A software stack for mobile devices that includes An operating system Middleware Key Applications Uses Linux to provide core

583 views • 31 slides
Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the

Android Malware Analysis on Attacks and Defense Android malware Android malware With the explosive growth of mobile device market and usage, there is an increasing number of malicious mobile applications targeting these devices and

819 views • 44 slides

More recommend