dismantling droids for breakfast the current state of app
play

Dismantling droids for breakfast - The current state of app reverse - PowerPoint PPT Presentation

Mar 23, 2023 •222 likes •458 views

Dismantling droids for breakfast - The current state of app reverse engineering Siegfried Rasthofer SECURE SOFTWARE ENGINEERING GROUP #whoami 3rd year PhD-Student at Secure Software Engineering Group Darmstadt, Germany (Prof. Dr.

  1. Dismantling droids for breakfast - The current state of app reverse engineering Siegfried Rasthofer SECURE SOFTWARE ENGINEERING GROUP

  2. #whoami • 3rd year PhD-Student at Secure Software 
 Engineering Group Darmstadt, Germany 
 (Prof. Dr. Eric Bodden) • Research interest: • Applied software security on Android • Static-/dynamic code analyses • Android Security: • Found 2 AOSP exploits • Security Analysis of Backend-as-a-Service • Korea Threat investigation together with McAfee Research Lab SECURE 2 SOFTWARE ENGINEERING GROUP

  3. SECURE 3 SOFTWARE ENGINEERING GROUP

  4. How easy is it to dismantle your app? SECURE 4 SOFTWARE ENGINEERING GROUP

  5. How to secure my app against piracy I am developing an android app and I am planning to publish it (paid app). I have heard that it is very easy to pirate Android apps (much easier than iphone). I was wondering from your experience or what you know, how can increase the security of my app? I know that I can never get it 100% secured but I want to make it harder for people to pirate it or distribute it illegaly Any ideas, experiences, comments you can share? That will be greatly appreciated Best regards Source: stackoverflow.com SECURE 5 SOFTWARE ENGINEERING GROUP

  6. Is it still easy to dismantle your app? SECURE 6 SOFTWARE ENGINEERING GROUP

  7. A new Binary Analysis Framework for Android and Java Bytecode SECURE 7 SOFTWARE ENGINEERING GROUP

  8. vs SECURE 8 SOFTWARE ENGINEERING GROUP

  9. Soot SECURE 9 SOFTWARE ENGINEERING GROUP

  10. Soot Input/Output .dex .java .jimple .class .apk Soot - Various callgraph algorithms - Sophisticated algorithms used in compiler construction - Code manipulation https://github.com/Sable/soot/wiki SECURE 10 SOFTWARE ENGINEERING GROUP

  11. Jimple Soot SECURE 11 SOFTWARE ENGINEERING GROUP

  12. Jimple Soot public static boolean UsbAutoRunAttack(android.content.Context $param0) { Declarations java.lang.String $String; $String = <smart.apps.droidcleaner.Tools: java.lang.String urlServer>; ... staticinvoke <smart.apps.droidcleaner.Tools: boolean Code DownloadFile(java.lang.String, java.lang.String, java.lang.String, java.lang.String, android.content.Context)> ($String, "autorun.inf", "ftpupper", "thisisshit007", $param0); Return-Statement return true; } SECURE 12 SOFTWARE ENGINEERING GROUP

  13. CodeInspect Jimple Soot SECURE 13 SOFTWARE ENGINEERING GROUP

  14. Jimple CodeInspect Soot Syntax Code Java Source Highlighting Refactoring Enhancement Jimple Code Code Debugger Readable Manipulation Files Dataflow “Region“ Deobfuscator Visualizer Detection SECURE 14 SOFTWARE ENGINEERING GROUP

  15. Let’s get started… 1. Import APK 2. Start Device SECURE 15 SOFTWARE ENGINEERING GROUP

  16. infected >20,000 user SECURE 16 SOFTWARE ENGINEERING GROUP

  17. Android/BadAccents SMS SMS E-Mail E-Mail Install Install Tapjacking Activation Tapjacking Activation Uninstall AV Uninstall AV Fake AV Fake AV Attack Component Attack Component User User Intercept Call Intercept SMS Intercept SMS Intercept Call Banking Trojan Banking Trojan Send SMS Send SMS HTTP HTTP Native Code Native Code File System File System Waiting Time Waiting Time SECURE 17 SOFTWARE ENGINEERING GROUP

  18. Live-Demo SECURE 18 SOFTWARE ENGINEERING GROUP

  19. Future Steps • New Plugins under development • Easily add own analyses SECURE 19 SOFTWARE ENGINEERING GROUP

  20. How do I get this tool? SECURE 20 SOFTWARE ENGINEERING GROUP

  21. SECURE 21 SOFTWARE ENGINEERING GROUP

  22. Siegfried Rasthofer Secure Software Engineering Group Email: siegfried.rasthofer@cased.de Blog: http://sse-blog.ec-spride.de Website: http://sse.ec-spride.de Twitter: @CodeInspect SECURE 22 SOFTWARE ENGINEERING GROUP

Recommend

Backdoors furtives et autres fourberies dans le noyau Arnaud Ebalard

Backdoors furtives et autres fourberies dans le noyau Arnaud Ebalard

Backdoors furtives et autres fourberies dans le noyau Arnaud Ebalard &lt;troglocan@droids-corp.org&gt; Pierre Lalet &lt;pierre@droids-corp.org&gt; Olivier Matz &lt;zer0@droids-corp.org&gt; Les 45 prochaines minutes ... Injection de code

836 views • 38 slides
Breakfast Success The Importance of Eating Breakfast Breakfast Breakfast is the first meal of

Breakfast Success The Importance of Eating Breakfast Breakfast Breakfast is the first meal of

Breakfast Success The Importance of Eating Breakfast Breakfast Breakfast is the first meal of the day It is the first chance to break the fast and get nutrients in your body which provide the energy you need for the day Why is

319 views • 16 slides
Welcome to the Breakfast at the BMC Lecture Series Is Californias state o of emergency r

Welcome to the Breakfast at the BMC Lecture Series Is Californias state o of emergency r

Welcome to the Breakfast at the BMC Lecture Series Is Californias state o of emergency r restrictions on w water usage affecting t the San D Diego economy and d real e est state i indu dust stry? A s special t thanks t to our

860 views • 32 slides
VPFO STRATEGIC PLAN 2019-2021 Presentation for the VPFO Breakfast PET ER SM AIL ES , VICE- PR E

VPFO STRATEGIC PLAN 2019-2021 Presentation for the VPFO Breakfast PET ER SM AIL ES , VICE- PR E

VPFO STRATEGIC PLAN 2019-2021 Presentation for the VPFO Breakfast PET ER SM AIL ES , VICE- PR E SI D E NT , FIN AN CE &amp; OPER AT IO N S SEPT EM BER 6, 2019 VPFO STRATEGIC PLAN Current State Current Organizational structure and future

334 views • 20 slides
Customing Android: Looking inside the droids belly Embedded Android Appliances What do I mean by

Customing Android: Looking inside the droids belly Embedded Android Appliances What do I mean by

Customing Android: Looking inside the droids belly Embedded Android Appliances What do I mean by Appliances? appliance / pl ns/ Noun A device designed to perform a specific task, typically a domestic one. Digital Signage

1.04k views • 55 slides
AGENDA Time/Session: Panels/Topics 8:30 a.m. 9:00 a.m. Registration/Breakfast 9:00 a.m.

AGENDA Time/Session: Panels/Topics 8:30 a.m. 9:00 a.m. Registration/Breakfast 9:00 a.m.

3rd Annual Energy Storage Conference November 14, 2019 AGENDA Time/Session: Panels/Topics 8:30 a.m. 9:00 a.m. Registration/Breakfast 9:00 a.m. 9:30 a.m. Welcome Remarks Current State of Energy Storage Speakers: Richard F.

404 views • 3 slides
The Finances of Operating Universal Breakfast in the Classroom School Breakfast and Achievement

The Finances of Operating Universal Breakfast in the Classroom School Breakfast and Achievement

FRAC Breakfast Matters How to Webinar Series The Finances of Operating Universal Breakfast in the Classroom School Breakfast and Achievement Children who eat breakfast at school: Increase their math and reading scores Perform

894 views • 40 slides
Welcome to: Dismantling Non-Financial Barriers to Study Abroad Experienced by Underrepresented

Welcome to: Dismantling Non-Financial Barriers to Study Abroad Experienced by Underrepresented

Welcome to: Dismantling Non-Financial Barriers to Study Abroad Experienced by Underrepresented Students Consider Seating Yourselves by School Type (See Room Map at the Front) Dismantling Non-Financial Barriers to Study Abroad Experienced by

490 views • 44 slides
MONTANA NO KID HUNGRY BREAKFAST AFTER THE BELL 1 in 5 Breakfast after the Bell On average,

MONTANA NO KID HUNGRY BREAKFAST AFTER THE BELL 1 in 5 Breakfast after the Bell On average,

MONTANA NO KID HUNGRY BREAKFAST AFTER THE BELL 1 in 5 Breakfast after the Bell On average, school breakfast participation rises to more than 70% when schools implement a Breakfast after the Bell model versus 30% with a traditional model that

116 views • 10 slides
Presentation of food products Breakfast cereals Oho Breakfast cereals are well known in

Presentation of food products Breakfast cereals Oho Breakfast cereals are well known in

Presentation of food products Breakfast cereals Oho Breakfast cereals are well known in worldwide and have become an integral part of our diet and an important sector of the grocery market. Indeed, breakfast cereals are found in many of

301 views • 12 slides
evil maid on droids or why you should never loose your android smartphone @f0rki 2012-12-06

evil maid on droids or why you should never loose your android smartphone @f0rki 2012-12-06

evil maid on droids or why you should never loose your android smartphone @f0rki 2012-12-06 Agenda evil maids detour: the android boot process attack scenarios unrooted phones adb access rooted phones protecting yourself 2 / 51 Agenda

1.31k views • 85 slides
Finite State Machine (FSM) Consists of: CLK State register S S Next Current

Finite State Machine (FSM) Consists of: CLK State register S S Next Current

Finite State Machine (FSM) Consists of: CLK State register S S Next Current Stores current state State State Loads next state at clock edge Combinational logic Computes the next state Computes the outputs Next

412 views • 26 slides
Finite State Machine (FSM) Consists of: CLK State register S S Next Current

Finite State Machine (FSM) Consists of: CLK State register S S Next Current

Finite State Machine (FSM) Consists of: CLK State register S S Next Current Stores current state State State Loads next state at clock edge Combinational logic Computes the next state Computes the outputs Next

477 views • 25 slides
DROIDS @z @zer er0m 0mem em #whoami - Peter Hlavaty (@zer0mem) [ KEEN TEAM ] Background

DROIDS @z @zer er0m 0mem em #whoami - Peter Hlavaty (@zer0mem) [ KEEN TEAM ] Background

Racing with DROIDS @z @zer er0m 0mem em #whoami - Peter Hlavaty (@zer0mem) [ KEEN TEAM ] Background @K33nTeam Previously ~4 years in ESET Contact twitter : @zer0mem weibo : weibo.com/u/5238732594 blog :

673 views • 45 slides
Breakfast at YHS Smoothie Breakfast Bar Parfait Breakfast at YES Breakfast Bar Eggs from our

Breakfast at YHS Smoothie Breakfast Bar Parfait Breakfast at YES Breakfast Bar Eggs from our

Breakfast at YHS Smoothie Breakfast Bar Parfait Breakfast at YES Breakfast Bar Eggs from our Hens

203 views • 8 slides
Welcome Please help yourself to breakfast. 1 Agenda 8:00 - 8:45am Registration and Breakfast

Welcome Please help yourself to breakfast. 1 Agenda 8:00 - 8:45am Registration and Breakfast

Welcome Please help yourself to breakfast. 1 Agenda 8:00 - 8:45am Registration and Breakfast 8:45 - 8:55am Welcome 8:55 - 9:25am Daniel Hazlett, Financial Analyst, ezFedGrants, USDA 9:25 - 9:55am Q&amp;A and Discussion 9:55 - 10:00am

227 views • 18 slides
Decommissioning and Dismantling at CEA Program, challenges and feedback experience Eric

Decommissioning and Dismantling at CEA Program, challenges and feedback experience Eric

1 st International Forum on the Decommissioning of the Fukushima Daiichi NPS 10-11 th April, Japan Decommissioning and Dismantling at CEA Program, challenges and feedback experience Eric KRAUS Deputy Director Nuclear Cleanup and

446 views • 18 slides
Exploratory Android Surgery Digging into droids. Jesse Burns Black Hat USA 2009 Android is a

Exploratory Android Surgery Digging into droids. Jesse Burns Black Hat USA 2009 Android is a

Exploratory Android Surgery Digging into droids. Jesse Burns Black Hat USA 2009 Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. https://www.isecpartners.com Agenda Android Security Model

725 views • 47 slides
Polished Droids: Bringing Android Apps to Chromebooks Maksim Lin Freelance Android Developer

Polished Droids: Bringing Android Apps to Chromebooks Maksim Lin Freelance Android Developer

Polished Droids: Bringing Android Apps to Chromebooks Maksim Lin Freelance Android Developer www.manichord.com Chromebooks ? Background Freelance Android and AOSP dev ~ 5 yrs Use and Chromebooks ~ 4yrs Wrote Git client Chrome

339 views • 31 slides
Down the Black Hole: Dismantling Operational Practices of BGP Blackholing at IXPs Marcin

Down the Black Hole: Dismantling Operational Practices of BGP Blackholing at IXPs Marcin

Down the Black Hole: Dismantling Operational Practices of BGP Blackholing at IXPs Marcin Nawrocki, Jeremias Blendin, Christoph Dietzel, Thomas C. Schmidt, Matthias Whlisch Christmas is near!

1.15k views • 80 slides
Dismantling the Barriers for Women in Computing Internationally Australia Annemieke Craig

Dismantling the Barriers for Women in Computing Internationally Australia Annemieke Craig

Dismantling the Barriers for Women in Computing Internationally Australia Annemieke Craig Austria Margit Pohl Germany Veronika Oechtering India M. Suriya Pakistan Jehan Ara South Africa Vashti Galpin Turkey Reyyan Ayfer United Kingdom

482 views • 12 slides
About us: Industrial Association for Repowering, Dismantling and Recycling of Wind Turbines

About us: Industrial Association for Repowering, Dismantling and Recycling of Wind Turbines

About us: Industrial Association for Repowering, Dismantling and Recycling of Wind Turbines (RDRWind) Insight into the development of industry standards using the example of an initiative of RDRWind e.V to develop the DIN SPEC 4866. Hannover,

938 views • 21 slides
Welcome to the DUX launch November 2016 Powered by Agenda Welcome &amp; Breakfast

Welcome to the DUX launch November 2016 Powered by Agenda Welcome &amp; Breakfast

Welcome to the DUX launch November 2016 Powered by Agenda Welcome &amp; Breakfast Introducing DUX What is the DUX Programme all about? Who should join &amp; how to register Testimonials Peermont, alumni, current students

454 views • 19 slides
BREAKFAST Breakfast Sandwich | one fresh egg, cheddar jack cheese | choice of ham, bacon, or

BREAKFAST Breakfast Sandwich | one fresh egg, cheddar jack cheese | choice of ham, bacon, or

{available from 7am-10am} BREAKFAST Breakfast Sandwich | one fresh egg, cheddar jack cheese | choice of ham, bacon, or sausage (+.25) | 3.25 | 700 cal choice of biscuit or english muffin Breakfast Quesadilla | one fresh egg, green chiles,

72 views • 3 slides

More recommend