Click here to load reader
Upload
seongjae-park
View
2.660
Download
2
Embed Size (px)
DESCRIPTION
Describe a hacking using JAVA reflection which is useful for various experiments
Citation preview
Experimental Android Hacking Using Reflection
SeongJae Park, Heon Yeom,Seoul National University
Hidden Android Features
Unsecure, Or Unmatured Features Hidden From Developers
Need Such Features On Lots Of Researching
Rooting / System Modification
● Pros○ Able to Use Hidden Features○ No Limitation At All
● Cons○ Environment Is Different With Real Market Device
How Android Hide Features
3rd Party Application Use SDK Framework Interface
Built-in Application Uses Built-in Framework Interface
SDK Framework Interface != Built-in Framework Interface
Android Basic StructureBuilt-in Application3rd Party Developer
Application
SDK Framework Interface Built-in Framework Interface
On-Device Framework
Binder
System Process System Process System Process
Device
Java Reflection
● Examine or Modify Behavior Of Application○ Type Checking○ Debugging○ Test
Java Reflection
● Pros○ Unlimited Freedom
● Cons○ Performance Overhead○ Weak Security Available○ Unexpected Side-Effect
Android Hacking Using Reflection
Change SDK Framework Interface into On-Device Framework Interface
Built-in Application3rd Party Developer Application
SDK Framework Interface Built-in Framework Interface
On-Device Framework
Reflection
Android Hacking Using ReflectionTelephonyMaanger telephonyManager = (TelephonyManager)getSystemService( Context.TELEPHONY_SERVICE);try { Class c = Class.forName(telephonyManager. getClass().getName()); Method m = c.getDeclaredMethod("getITelephony"); m.setAccessible(true);
ITelephony telephony = (ITelephony)m.invoke( telephonyManager); telephony.endCall();} catch (Throwable e) {}
Restriction Of Reflection Using Hack
● Performance Overhead
● May Not Success On Every Machine○ Manufacturer’s Device Use Modified Android
● May Not Success On Latest Android