Android Hacking + Pentest
EC Council Malaysia
Instructor: Sina Manavi
27 March 2014
About Me
My name is Sina Manavi, Master of Computer Security and Digital Forensics, C|EH & C|HFI certificate holder.
Contact: [email protected], sinamanavi.wordpress.com
Agenda:
• Android OS
• Android Security Architectures
• Malware
• Attacking Android Platform
• Hacking with Android
What is Android ?
• Everywhere (TV, phones, tablets)
• Runs on Linux kernel
• Easy to exploit + open source
• Uses SQLite database
• Huge community base
• Official market containing over 4,000,000 apps (Google Market)
Android History Version
Android OS
Android Security
• Linux based
• Open source
• Widely available to everyone
• Everyone can develop apps and malware
How to have a safe Device
• Install apps from authorized market (Google Play)
• Read the review before downloading
• Read Permission warning before installing the apps.
• Phishing/SMS?
• Lock screen to avoid unauthorized access
How to have a safe Device cont.
• Use antivirus
• Encrypt your device and data
• While using public hotspots such as Starbucks, use a VPN to encrypt your network connection
• Enable Remote Wipe feature
Security layers of Android OS
Android App Installation
Android Permission
• ACCESS_COARSE_LOCATION
• ACCESS_FINE_LOCATION
• BRICK
• CALL_PHONE
• INTERNET
• GET_ACCOUNTS
• PROCESS_OUTGOING_CALLS
Android Permission
• READ_OWNER_DATA
• READ_SMS
• RECEIVE_SMS
• SEND_SMS
• USE_CREDENTIALS
• WRITE_OWNER_DATA
• RECORD_AUDIO
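A way to apply the "read the permission warning" advice to an app before installing it: this added example (not part of the original slides) reads a decoded AndroidManifest.xml and reports which of the permissions listed above it requests, using the platform spelling of the names. The grouping, the combination notes and the sample manifest are assumptions of the example, and the manifest is assumed to have been decoded to text XML already.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PREFIX = "android.permission."

# Permissions named on the slides (platform spelling). The grouping by
# kind of harm is an assumption of this example, not the presenter's.
WATCHLIST = {
    "location": {"ACCESS_COARSE_LOCATION", "ACCESS_FINE_LOCATION"},
    "sms": {"READ_SMS", "RECEIVE_SMS", "SEND_SMS"},
    "calls": {"CALL_PHONE", "PROCESS_OUTGOING_CALLS"},
    "accounts": {"GET_ACCOUNTS", "USE_CREDENTIALS"},
    "audio": {"RECORD_AUDIO"},
    "network": {"INTERNET"},
}

# Constructed sample manifest (decoded text form); not a real app.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the short names of all android.permission.* requests."""
    root = ET.fromstring(manifest_xml)
    names = set()
    for node in root.iter("uses-permission"):
        name = node.get(ANDROID_NS + "name", "")
        if name.startswith(PREFIX):
            names.add(name[len(PREFIX):])
    return names

def review(manifest_xml):
    """Group watch-listed permissions and note risky combinations."""
    perms = requested_permissions(manifest_xml)
    hits = {g: sorted(perms & w) for g, w in WATCHLIST.items() if perms & w}
    notes = []
    if "SEND_SMS" in perms:
        notes.append("can send SMS on its own (billing risk)")
    if "INTERNET" in perms and perms & {"READ_SMS", "RECEIVE_SMS"}:
        notes.append("can read SMS and has network access")
    if "INTERNET" in perms and "location" in hits:
        notes.append("can read location and has network access")
    return hits, notes

if __name__ == "__main__":
    print(review(SAMPLE_MANIFEST))
```

For the constructed flashlight manifest, the SMS and location requests stand out because nothing in a flashlight app needs them.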
Android Vulnerability or User?
Malware
• Anything that breaks the security model (without the user's consent)
• Deceptive / hides true intent
• Bad for user / good for attacker, e.g. surveillance, collecting passwords, etc.
• Applications that are detrimental to the user running the device
Malware
Harms a user
• Financial
• Privacy
• Personal information – location (surveillance)
• Stealing resources – cracking, botnets – processing power
Breaks network policy
Malware Example
• Geolocation?
• IP address / 3G/4G or on WiFi network?
• Scan for available Bluetooth devices
• Egress filtering? Ports open, etc.
• SMS receiving, sending, fabricating
Malware Sample Code (Java)
Popular Malware
• Zeus
• DroidDream
• Geinimi – Android malware with botnet-like capabilities
• Trojan-SMS for Android FakePlayer
• iCalendar acbcad45094de7e877b65db1c28ada2
• SMS_Replicator_Secret.apk
Demo
Hacking Android Phone:
– Information stealing
– Remote access
– Social engineering
– Malware attack
Hacking with Android:
– Installing dSploit for running attacks with Android (MITM, XSS, traffic sniffing, etc.)
– Installing Kali Linux on Android to perform attacks