SlideShare une entreprise Scribd logo

Android App Security Assessment

Télécharger en tant que PPT, PDF
B
Blueinfy Solutions

Android based attacks and testing.

Logiciels
1  sur  58
© Blueinfy Solutions Android Attacks
© Blueinfy Solutions Insecure Data Storage • Storing sensitive information on device – a major threat • Phone can be hacked or stolen • Imagine site access, username, passwords, tokens etc. get harvested • Malware used to attack local system and fetch information out. • What are the options?
© Blueinfy Solutions Insecure calls • Storage can be accessed by third party • If device is rooted then access to sensitive information • Poor permission can allow cross access • One app accessing information of other • Information not encrypted
© Blueinfy Solutions Bird eye view
© Blueinfy Solutions Storage calls • Shared Preferences – Store private primitive data in key-value pairs. • Internal Storage – Store private data on the device memory. • External Storage – Store public data on the shared external storage. • SQLite Databases – Store structured data in a private database. • Network Connection – Store data on the web with your own network server.
© Blueinfy Solutions Accessing with adb # cd bank.One cd bank.One # ls ls cache databases files lib # cd files cd files # ls ls PublicKey remember settings temp_file # cat remember cat remember jack jack123# Got user/pass in clear text
© Blueinfy Solutions Weak Server Side Controls • Backend Application Security • Protocols • OWASP Top 10 for AppSec
© Blueinfy Solutions Analyzing HTTP traffic • Security assessment needs sound knowledge of HTTP analysis • Tools and mind needed to analyze the traffic • What to look for? – methods, cookie, querysting etc. • All part of HTTP – Response analysis is equally important.
© Blueinfy Solutions JSON • JSON (JavaScript Object Notation) - a lightweight data-interchange format • Based on JavaScript Programming Language (Standard ECMA-262) • Completely language independent • C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others. • Interchangeable is the Key.
© Blueinfy Solutions JSON – object • {} { members } – members • pair pair , members – pair • string : value – array • [] [ elements ] • elements • value value , elements • value • string number object array true false null
© Blueinfy Solutions JSON • Example { "firstName": "John", "lastName": "Smith", "address": { "streetAddress": "21 2nd Street", "city": "New York", "state": "NY", "postalCode": 10021 }, "phoneNumbers": [ "212 732-1234", "646 123-4567" ] }
© Blueinfy Solutions JSON call • Calling JSON services
© Blueinfy Solutions JSON fetch • Fetch attribute
© Blueinfy Solutions Insufficient Transport Layer Protection • Poor or no Encryption during transit • Poor certification validations • Man in the middle opening • Traffic over HTTP • Token passing • Device ID over poor channel
© Blueinfy Solutions Session with token only
© Blueinfy Solutions Client Side Injection • Native or Web apps – Using poor libs – Abusing APIs • Popular injections – XSS, SQLi, XPATH etc. • Payment and SMS • Mixed usage – Using webview
© Blueinfy Solutions SQLite
© Blueinfy Solutions What is SQLite? • SQLite is an in-process library that implements a self- contained, serverless, zero-configuration, transactional SQL database engine. • It is the database which is zero configured , that means like other database you do not need to configure it in your system. • At the end, it is a comma separated file (CSV file)
© Blueinfy Solutions SQLite Commands • The standard SQLite commands to interact with relational databases are similar as SQL. • They are CREATE, SELECT, INSERT, UPDATE, DELETE, and DROP. • Data Manipulation Language Command Description INSERT Creates a record UPDATE Modifies records DELETE Deletes records
© Blueinfy Solutions Cont. • Data Query Language: • Data Definition Language: Command Description SELECT Retrieves certain records from one or more tables Command Description CREATE Creates a new table, a view of a table, or other object in database ALTER Modifies an existing database object, such as a table. DROP Deletes an entire table, a view of a table or other object in the database.
© Blueinfy Solutions SQLite – Create Database • The following command will create a new database or will open the database if it has been created. • sqlite3 [database name].db
© Blueinfy Solutions Retrieving Master Table • This command will retrieve the master table. • For example:- variable=* FROM SQLITE_MASTER; --
© Blueinfy Solutions SQLite Version • This command retrieves the version number of the db.
© Blueinfy Solutions SQLite – Create Table • For example:- create table [newtablename](id int, name text); • By using .tables on the command shell the newly created designation table is shown.
© Blueinfy Solutions SQLite – Drop Table • drop table users;--
© Blueinfy Solutions SQLite – Insert Query • INSERT INTO TABLE_NAME (column1, column2, column3,...Ncolumn) VALUES (value1, value2, value3,...Nvalue);
© Blueinfy Solutions Extending/Appending queries • By altering the select query the injected DELETE query removes all records from the company table.
© Blueinfy Solutions SQLite – OR 1=1 • ‘* from [tablename] where id=1 OR 1=1;’
© Blueinfy Solutions Adding User • insert into users values(15,’user15’)
© Blueinfy Solutions Side Channel Data Leakage • Platform issues – sandboxing or disable controls – Cache – Logs, Keystrokes, screenshots etc. – Temp files • 3rd Party libs (AD networks and analytics)
© Blueinfy Solutions Unauthorized Dialing/SMS
© Blueinfy Solutions Unauthorized Dialing/SMS • Social Engineering using Mobile Devices • Attacker plays with user’s mind • User installs application • Application sends premium rate SMS or a premium rate phone call to unknown number • Used by Malware/Trojans
© Blueinfy Solutions GGTracker • June 2010 • Another Application which sends International SMS • One SMS Costs – 40 USD (NOK 200) • Application Sends Premium SMS to US numbers
© Blueinfy Solutions UI Impersonation
© Blueinfy Solutions UI Impersonation • Attack has been there since long • On a mobile stack, known as UI impersonation • Other names are Phishing Attack, ClickJacking • Attacker plays with user’s mind and try to impersonate as other user or other application
© Blueinfy Solutions UI Impersonation • Victim looses credit card information or authentication credentials or secret • One application can create local PUSH notification as it is created from apple store • Classic example is - Netflix Application in AppStore • Flow in review process of AppStore – Anyone can name anything to their application
© Blueinfy Solutions NetFlix • Oct -2011 • Steals users “netflix” account information • Application shows error message to user “Compatibility issues with the user’s hardware” when user enters username and password and uninstalls itself • More than 10000 users lost their details in a week
© Blueinfy Solutions Activity Monitoring
© Blueinfy Solutions Activity Monitoring • Sending a blind carbon copy of each email to attacker • Listening all phone calls • Email contact list, pictures to attacker • Read all emails stored on the device • Usual intension of Spyware/Trojans
© Blueinfy Solutions Activity Monitoring • Attacker can monitor – – Audio Files – Video – Pictures – Location – Contact List – Call/Browser/SMS History – Data files
© Blueinfy Solutions Android.Pjapps • Early 2010 • Steal/Change users information • PjApps Application – • Send and monitor incoming SMS messages • Read/write to the user's browsing history and bookmarks • Install packages and Open Sockets • Write to external storage • Read the phone's state
© Blueinfy Solutions System Modification
© Blueinfy Solutions System Modification • Application will attempt to modify system configuration to hide itself (Historically this is known as ROOTKIT) • Configuration changes makes certain attack possible i.e. – – Modifying device proxy to get user’s activity monitoring – Configure BCC email sending to attacker
© Blueinfy Solutions Information in Common Services
© Blueinfy Solutions Information in Common Services • KeyBoard, Clipboard are shared amongst all the applications. • Information stored in clipboard can be accessed by all the application • Sensitive information should not be allowed to copy/paste in the application
© Blueinfy Solutions Logical Issues
© Blueinfy Solutions Logical Issues • Authentication flags and privilege escalations at application layer • Critical parameter manipulation and access to unauthorized information/content • Business constraint exploitation • Identity or profile extraction • Denial of Services (DoS) with business logic
© Blueinfy Solutions In Memory Analysis
© Blueinfy Solutions In memory analysis • Using in built command in ADB named “dumpsys” • Command to get memory dump – # Dumpsys meminfo • Can be run only by “su” (Rooting a device is mandatory)
© Blueinfy Solutions Uncovering vulnerability from Manifest File
© Blueinfy Solutions Quick Recap of Manifest tags • Manifest • Application • Activity • Activity-alias • Receiver • Service • Uses-permission
© Blueinfy Solutions Decompiling Android Applications
© Blueinfy Solutions Decompiling android application • Using Apktool - http://code.google.com/p/android-apktool/ • Using Dex2Jar - http://code.google.com/p/dex2jar/ • Using aapt (Bundled with Android SDK)
© Blueinfy Solutions Use Apktool to convert the XML to readable format Android manifest file: APK Tool
© Blueinfy Solutions Use dex2jar to convert classes.dex file in the extracted folder to .class files Use JAD to convert the class files into JAVA files Dex2Jar and JAD
© Blueinfy Solutions Debuggable flag in Android • One of the key attribute in android manifest file • Under “application” section • Describes debugging in enabled • If “Debuggable”attribute is set o true, the application will try to connect to a local unix socket “@jdwp-control” • Using JDWP, It is possible to gain full access to the Java process and execute arbitrary code in the context of the debugable application
© Blueinfy Solutions CheckDebuggable Script • Checks in APK whether debuggable is enabled • Script can be found at – http://www.espheresecurity.com/resourcest ools.html • Paper can be found at - http://www.espheresecurity.com/CheckDebu ggable.pdf
© Blueinfy Solutions Conclusion

Recommandé

iOS Application Security Testing
iOS Application Security TestingiOS Application Security Testing
iOS Application Security TestingBlueinfy Solutions
 
Mobile Application Scan and Testing
Mobile Application Scan and TestingMobile Application Scan and Testing
Mobile Application Scan and TestingBlueinfy Solutions
 
Automation In Android & iOS Application Review
Automation In Android & iOS Application Review�Automation In Android & iOS Application Review�
Automation In Android & iOS Application ReviewBlueinfy Solutions
 
Android secure coding
Android secure codingAndroid secure coding
Android secure codingBlueinfy Solutions
 
Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Blueinfy Solutions
 
Applciation footprinting, discovery and enumeration
Applciation footprinting, discovery and enumerationApplciation footprinting, discovery and enumeration
Applciation footprinting, discovery and enumerationBlueinfy Solutions
 
Mobile security chess board - attacks & defense
Mobile security chess board - attacks & defenseMobile security chess board - attacks & defense
Mobile security chess board - attacks & defenseBlueinfy Solutions
 
Web Services Hacking and Security
Web Services Hacking and SecurityWeb Services Hacking and Security
Web Services Hacking and SecurityBlueinfy Solutions
 

Recommandé

iOS Application Security Testing
iOS Application Security TestingiOS Application Security Testing
iOS Application Security TestingBlueinfy Solutions
 
Mobile Application Scan and Testing
Mobile Application Scan and TestingMobile Application Scan and Testing
Mobile Application Scan and TestingBlueinfy Solutions
 
Automation In Android & iOS Application Review
Automation In Android & iOS Application Review�Automation In Android & iOS Application Review�
Automation In Android & iOS Application ReviewBlueinfy Solutions
 
Android secure coding
Android secure codingAndroid secure coding
Android secure codingBlueinfy Solutions
 
Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Mobile code mining for discovery and exploits nullcongoa2013
Mobile code mining for discovery and exploits nullcongoa2013Blueinfy Solutions
 
Applciation footprinting, discovery and enumeration
Applciation footprinting, discovery and enumerationApplciation footprinting, discovery and enumeration
Applciation footprinting, discovery and enumerationBlueinfy Solutions
 
Mobile security chess board - attacks & defense
Mobile security chess board - attacks & defenseMobile security chess board - attacks & defense
Mobile security chess board - attacks & defenseBlueinfy Solutions
 
Web Services Hacking and Security
Web Services Hacking and SecurityWeb Services Hacking and Security
Web Services Hacking and SecurityBlueinfy Solutions
 
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)Sam Bowne
 
XSS and CSRF with HTML5
XSS and CSRF with HTML5XSS and CSRF with HTML5
XSS and CSRF with HTML5Shreeraj Shah
 
Pentesting web applications
Pentesting web applicationsPentesting web applications
Pentesting web applicationsSatish b
 
Core defense mechanisms against security attacks on web applications
Core defense mechanisms against security attacks on web applicationsCore defense mechanisms against security attacks on web applications
Core defense mechanisms against security attacks on web applicationsKaran Nagrecha
 
Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!espheresecurity
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsCh 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsSam Bowne
 
HTML5 Top 10 Threats - Silent Attacks and Stealth Exploits
HTML5 Top 10 Threats - Silent Attacks and Stealth ExploitsHTML5 Top 10 Threats - Silent Attacks and Stealth Exploits
HTML5 Top 10 Threats - Silent Attacks and Stealth ExploitsShreeraj Shah
 
CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)
CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)
CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)Sam Bowne
 
Using & Abusing APIs: An Examination of the API Attack Surface
Using & Abusing APIs: An Examination of the API Attack SurfaceUsing & Abusing APIs: An Examination of the API Attack Surface
Using & Abusing APIs: An Examination of the API Attack SurfaceCA API Management
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Sam Bowne
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)Sam Bowne
 
Lets Make our Web Applications Secure
Lets Make our Web Applications SecureLets Make our Web Applications Secure
Lets Make our Web Applications SecureAryashree Pritikrishna
 
Mobile application security – effective methodology, efficient testing! hem...
Mobile application security – effective methodology, efficient testing! hem...Mobile application security – effective methodology, efficient testing! hem...
Mobile application security – effective methodology, efficient testing! hem...owaspindia
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesSam Bowne
 
CNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile paymentsCNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile paymentsSam Bowne
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2Sam Bowne
 
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...Shreeraj Shah
 
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Shreeraj Shah
 
Hacking mobile apps
Hacking mobile appsHacking mobile apps
Hacking mobile appskunwaratul hax0r
 
CNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the ApplicationCNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the ApplicationSam Bowne
 
Brief History of the Soviet Jewry Movement
Brief History of the Soviet Jewry MovementBrief History of the Soviet Jewry Movement
Brief History of the Soviet Jewry Movementphilipspiegel
 
Karen White – Becoming a more powerful observer
Karen White – Becoming a more powerful observerKaren White – Becoming a more powerful observer
Karen White – Becoming a more powerful observerSACAP
 

Contenu connexe

Tendances

CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)Sam Bowne
 
XSS and CSRF with HTML5
XSS and CSRF with HTML5XSS and CSRF with HTML5
XSS and CSRF with HTML5Shreeraj Shah
 
Pentesting web applications
Pentesting web applicationsPentesting web applications
Pentesting web applicationsSatish b
 
Core defense mechanisms against security attacks on web applications
Core defense mechanisms against security attacks on web applicationsCore defense mechanisms against security attacks on web applications
Core defense mechanisms against security attacks on web applicationsKaran Nagrecha
 
Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!espheresecurity
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsCh 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsSam Bowne
 
HTML5 Top 10 Threats - Silent Attacks and Stealth Exploits
HTML5 Top 10 Threats - Silent Attacks and Stealth ExploitsHTML5 Top 10 Threats - Silent Attacks and Stealth Exploits
HTML5 Top 10 Threats - Silent Attacks and Stealth ExploitsShreeraj Shah
 
CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)
CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)
CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)Sam Bowne
 
Using & Abusing APIs: An Examination of the API Attack Surface
Using & Abusing APIs: An Examination of the API Attack SurfaceUsing & Abusing APIs: An Examination of the API Attack Surface
Using & Abusing APIs: An Examination of the API Attack SurfaceCA API Management
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Sam Bowne
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)Sam Bowne
 
Mobile application security – effective methodology, efficient testing! hem...
Mobile application security – effective methodology, efficient testing! hem...Mobile application security – effective methodology, efficient testing! hem...
Mobile application security – effective methodology, efficient testing! hem...owaspindia
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesSam Bowne
 
CNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile paymentsCNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile paymentsSam Bowne
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2Sam Bowne
 
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...Shreeraj Shah
 
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Shreeraj Shah
 
CNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the ApplicationCNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the ApplicationSam Bowne
 

Tendances (20)

CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
 
XSS and CSRF with HTML5
XSS and CSRF with HTML5XSS and CSRF with HTML5
XSS and CSRF with HTML5
 
Pentesting web applications
Pentesting web applicationsPentesting web applications
Pentesting web applications
 
Core defense mechanisms against security attacks on web applications
Core defense mechanisms against security attacks on web applicationsCore defense mechanisms against security attacks on web applications
Core defense mechanisms against security attacks on web applications
 
Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense MechanismsCh 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
 
HTML5 Top 10 Threats - Silent Attacks and Stealth Exploits
HTML5 Top 10 Threats - Silent Attacks and Stealth ExploitsHTML5 Top 10 Threats - Silent Attacks and Stealth Exploits
HTML5 Top 10 Threats - Silent Attacks and Stealth Exploits
 
CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)
CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)
CNIT 128 Ch 6: Mobile services and mobile Web (part 2: SAML to end)
 
Using & Abusing APIs: An Examination of the API Attack Surface
Using & Abusing APIs: An Examination of the API Attack SurfaceUsing & Abusing APIs: An Examination of the API Attack Surface
Using & Abusing APIs: An Examination of the API Attack Surface
 
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
Ch 1: Web Application (In)security & Ch 2: Core Defense Mechanisms
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
 
Lets Make our Web Applications Secure
Lets Make our Web Applications SecureLets Make our Web Applications Secure
Lets Make our Web Applications Secure
 
Mobile application security – effective methodology, efficient testing! hem...
Mobile application security – effective methodology, efficient testing! hem...Mobile application security – effective methodology, efficient testing! hem...
Mobile application security – effective methodology, efficient testing! hem...
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application Technologies
 
CNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile paymentsCNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile payments
 
CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2CNIT 129S: Securing Web Applications Ch 1-2
CNIT 129S: Securing Web Applications Ch 1-2
 
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...
 
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
 
Hacking mobile apps
Hacking mobile appsHacking mobile apps
Hacking mobile apps
 
CNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the ApplicationCNIT 129S: Ch 4: Mapping the Application
CNIT 129S: Ch 4: Mapping the Application
 

En vedette

Brief History of the Soviet Jewry Movement
Brief History of the Soviet Jewry MovementBrief History of the Soviet Jewry Movement
Brief History of the Soviet Jewry Movementphilipspiegel
 
Karen White – Becoming a more powerful observer
Karen White – Becoming a more powerful observerKaren White – Becoming a more powerful observer
Karen White – Becoming a more powerful observerSACAP
 
LeasePlan UK Lease Accounting Standard
LeasePlan UK Lease Accounting Standard LeasePlan UK Lease Accounting Standard
LeasePlan UK Lease Accounting Standard Rebecca Whittaker
 

En vedette (8)

Brief History of the Soviet Jewry Movement
Brief History of the Soviet Jewry MovementBrief History of the Soviet Jewry Movement
Brief History of the Soviet Jewry Movement
 
Karen White – Becoming a more powerful observer
Karen White – Becoming a more powerful observerKaren White – Becoming a more powerful observer
Karen White – Becoming a more powerful observer
 
new resume
new resumenew resume
new resume
 
Control Dynamics
Control DynamicsControl Dynamics
Control Dynamics
 
Casa-1000 project
Casa-1000 projectCasa-1000 project
Casa-1000 project
 
resume
resumeresume
resume
 
LeasePlan UK Lease Accounting Standard
LeasePlan UK Lease Accounting Standard LeasePlan UK Lease Accounting Standard
LeasePlan UK Lease Accounting Standard
 
SF Express
SF ExpressSF Express
SF Express
 

Similaire à Android App Security Assessment

Red Team Apocalypse (RVAsec Edition)
Red Team Apocalypse (RVAsec Edition)Red Team Apocalypse (RVAsec Edition)
Red Team Apocalypse (RVAsec Edition)Beau Bullock
 
Red Team Apocalypse
Red Team ApocalypseRed Team Apocalypse
Red Team ApocalypseBeau Bullock
 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?Precisely
 
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseThick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseNetSPI
 
Implementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceImplementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceBrian Pichman
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataPrecisely
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataPrecisely
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version Brian Pichman
 
iOS application (in)security
iOS application (in)securityiOS application (in)security
iOS application (in)securityiphonepentest
 
Oracle database threats - LAOUC Webinar
Oracle database threats - LAOUC WebinarOracle database threats - LAOUC Webinar
Oracle database threats - LAOUC WebinarOsama Mustafa
 
Pentesting Mobile Applications (Prashant Verma)
Pentesting Mobile Applications (Prashant Verma)Pentesting Mobile Applications (Prashant Verma)
Pentesting Mobile Applications (Prashant Verma)ClubHack
 
Hacker Halted 2014 - Reverse Engineering the Android OS
Hacker Halted 2014 - Reverse Engineering the Android OSHacker Halted 2014 - Reverse Engineering the Android OS
Hacker Halted 2014 - Reverse Engineering the Android OSEC-Council
 
Breaking Secure Mobile Applications - Hack In The Box 2014 KL
Breaking Secure Mobile Applications - Hack In The Box 2014 KLBreaking Secure Mobile Applications - Hack In The Box 2014 KL
Breaking Secure Mobile Applications - Hack In The Box 2014 KLiphonepentest
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSebastien Deleersnyder
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseScott Sutherland
 
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...Amazon Web Services
 
Thick Client Penetration Testing.pdf
Thick Client Penetration Testing.pdfThick Client Penetration Testing.pdf
Thick Client Penetration Testing.pdfSouvikRoy114738
 
Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control DBmaestro - Database DevOps
 
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015Ajin Abraham
 

Similaire à Android App Security Assessment (20)

Red Team Apocalypse (RVAsec Edition)
Red Team Apocalypse (RVAsec Edition)Red Team Apocalypse (RVAsec Edition)
Red Team Apocalypse (RVAsec Edition)
 
Red Team Apocalypse
Red Team ApocalypseRed Team Apocalypse
Red Team Apocalypse
 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?
 
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseThick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash Course
 
Implementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceImplementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day Conference
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and Data
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and Data
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version
 
iOS application (in)security
iOS application (in)securityiOS application (in)security
iOS application (in)security
 
Oracle database threats - LAOUC Webinar
Oracle database threats - LAOUC WebinarOracle database threats - LAOUC Webinar
Oracle database threats - LAOUC Webinar
 
Pentesting Mobile Applications (Prashant Verma)
Pentesting Mobile Applications (Prashant Verma)Pentesting Mobile Applications (Prashant Verma)
Pentesting Mobile Applications (Prashant Verma)
 
Hacker Halted 2014 - Reverse Engineering the Android OS
Hacker Halted 2014 - Reverse Engineering the Android OSHacker Halted 2014 - Reverse Engineering the Android OS
Hacker Halted 2014 - Reverse Engineering the Android OS
 
Breaking Secure Mobile Applications - Hack In The Box 2014 KL
Breaking Secure Mobile Applications - Hack In The Box 2014 KLBreaking Secure Mobile Applications - Hack In The Box 2014 KL
Breaking Secure Mobile Applications - Hack In The Box 2014 KL
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 seba
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash Course
 
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...
 
Thick Client Penetration Testing.pdf
Thick Client Penetration Testing.pdfThick Client Penetration Testing.pdf
Thick Client Penetration Testing.pdf
 
Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control Protect your Database with Data Masking & Enforced Version Control
Protect your Database with Data Masking & Enforced Version Control
 
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015
 
Why Web Security Matters!
Why Web Security Matters!Why Web Security Matters!
Why Web Security Matters!
 

Plus de Blueinfy Solutions

Source Code Analysis with SAST
Source Code Analysis with SASTSource Code Analysis with SAST
Source Code Analysis with SASTBlueinfy Solutions
 
CSRF, ClickJacking & Open Redirect
CSRF, ClickJacking & Open RedirectCSRF, ClickJacking & Open Redirect
CSRF, ClickJacking & Open RedirectBlueinfy Solutions
 
XPATH, LDAP and Path Traversal Injection
XPATH, LDAP and Path Traversal InjectionXPATH, LDAP and Path Traversal Injection
XPATH, LDAP and Path Traversal InjectionBlueinfy Solutions
 
Assessment methodology and approach
Assessment methodology and approachAssessment methodology and approach
Assessment methodology and approachBlueinfy Solutions
 
HTTP protocol and Streams Security
HTTP protocol and Streams SecurityHTTP protocol and Streams Security
HTTP protocol and Streams SecurityBlueinfy Solutions
 
Advanced applications-architecture-threats
Advanced applications-architecture-threatsAdvanced applications-architecture-threats
Advanced applications-architecture-threatsBlueinfy Solutions
 

Plus de Blueinfy Solutions (13)

Html5 on mobile
Html5 on mobileHtml5 on mobile
Html5 on mobile
 
Source Code Analysis with SAST
Source Code Analysis with SASTSource Code Analysis with SAST
Source Code Analysis with SAST
 
HTML5 hacking
HTML5 hackingHTML5 hacking
HTML5 hacking
 
CSRF, ClickJacking & Open Redirect
CSRF, ClickJacking & Open RedirectCSRF, ClickJacking & Open Redirect
CSRF, ClickJacking & Open Redirect
 
XSS - Attacks & Defense
XSS - Attacks & DefenseXSS - Attacks & Defense
XSS - Attacks & Defense
 
Defending against Injections
Defending against InjectionsDefending against Injections
Defending against Injections
 
XPATH, LDAP and Path Traversal Injection
XPATH, LDAP and Path Traversal InjectionXPATH, LDAP and Path Traversal Injection
XPATH, LDAP and Path Traversal Injection
 
Blind SQL Injection
Blind SQL InjectionBlind SQL Injection
Blind SQL Injection
 
Application fuzzing
Application fuzzingApplication fuzzing
Application fuzzing
 
SQL injection basics
SQL injection basicsSQL injection basics
SQL injection basics
 
Assessment methodology and approach
Assessment methodology and approachAssessment methodology and approach
Assessment methodology and approach
 
HTTP protocol and Streams Security
HTTP protocol and Streams SecurityHTTP protocol and Streams Security
HTTP protocol and Streams Security
 
Advanced applications-architecture-threats
Advanced applications-architecture-threatsAdvanced applications-architecture-threats
Advanced applications-architecture-threats
 

Dernier

TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....ShaimaaMohamedGalal
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 

Dernier (20)

TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 

Android App Security Assessment

  • 2. © Blueinfy Solutions Insecure Data Storage • Storing sensitive information on device – a major threat • Phone can be hacked or stolen • Imagine site access, username, passwords, tokens etc. get harvested • Malware used to attack local system and fetch information out. • What are the options?
  • 3. © Blueinfy Solutions Insecure calls • Storage can be accessed by third party • If device is rooted then access to sensitive information • Poor permission can allow cross access • One app accessing information of other • Information not encrypted
  • 5. © Blueinfy Solutions Storage calls • Shared Preferences – Store private primitive data in key-value pairs. • Internal Storage – Store private data on the device memory. • External Storage – Store public data on the shared external storage. • SQLite Databases – Store structured data in a private database. • Network Connection – Store data on the web with your own network server.
  • 6. © Blueinfy Solutions Accessing with adb # cd bank.One cd bank.One # ls ls cache databases files lib # cd files cd files # ls ls PublicKey remember settings temp_file # cat remember cat remember jack jack123# Got user/pass in clear text
  • 7. © Blueinfy Solutions Weak Server Side Controls • Backend Application Security • Protocols • OWASP Top 10 for AppSec
  • 8. © Blueinfy Solutions Analyzing HTTP traffic • Security assessment needs sound knowledge of HTTP analysis • Tools and mind needed to analyze the traffic • What to look for? – methods, cookie, querysting etc. • All part of HTTP – Response analysis is equally important.
  • 9. © Blueinfy Solutions JSON • JSON (JavaScript Object Notation) - a lightweight data-interchange format • Based on JavaScript Programming Language (Standard ECMA-262) • Completely language independent • C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others. • Interchangeable is the Key.
  • 10. © Blueinfy Solutions JSON – object • {} { members } – members • pair pair , members – pair • string : value – array • [] [ elements ] • elements • value value , elements • value • string number object array true false null
  • 11. © Blueinfy Solutions JSON • Example { "firstName": "John", "lastName": "Smith", "address": { "streetAddress": "21 2nd Street", "city": "New York", "state": "NY", "postalCode": 10021 }, "phoneNumbers": [ "212 732-1234", "646 123-4567" ] }
  • 12. © Blueinfy Solutions JSON call • Calling JSON services
  • 13. © Blueinfy Solutions JSON fetch • Fetch attribute
  • 14. © Blueinfy Solutions Insufficient Transport Layer Protection • Poor or no Encryption during transit • Poor certification validations • Man in the middle opening • Traffic over HTTP • Token passing • Device ID over poor channel
  • 15. © Blueinfy Solutions Session with token only
  • 16. © Blueinfy Solutions Client Side Injection • Native or Web apps – Using poor libs – Abusing APIs • Popular injections – XSS, SQLi, XPATH etc. • Payment and SMS • Mixed usage – Using webview
  • 18. © Blueinfy Solutions What is SQLite? • SQLite is an in-process library that implements a self- contained, serverless, zero-configuration, transactional SQL database engine. • It is the database which is zero configured , that means like other database you do not need to configure it in your system. • At the end, it is a comma separated file (CSV file)
  • 19. © Blueinfy Solutions SQLite Commands • The standard SQLite commands to interact with relational databases are similar as SQL. • They are CREATE, SELECT, INSERT, UPDATE, DELETE, and DROP. • Data Manipulation Language Command Description INSERT Creates a record UPDATE Modifies records DELETE Deletes records
  • 20. © Blueinfy Solutions Cont. • Data Query Language: • Data Definition Language: Command Description SELECT Retrieves certain records from one or more tables Command Description CREATE Creates a new table, a view of a table, or other object in database ALTER Modifies an existing database object, such as a table. DROP Deletes an entire table, a view of a table or other object in the database.
  • 21. © Blueinfy Solutions SQLite – Create Database • The following command will create a new database or will open the database if it has been created. • sqlite3 [database name].db
  • 22. © Blueinfy Solutions Retrieving Master Table • This command will retrieve the master table. • For example:- variable=* FROM SQLITE_MASTER; --
  • 23. © Blueinfy Solutions SQLite Version • This command retrieves the version number of the db.
  • 24. © Blueinfy Solutions SQLite – Create Table • For example:- create table [newtablename](id int, name text); • By using .tables on the command shell the newly created designation table is shown.
  • 25. © Blueinfy Solutions SQLite – Drop Table • drop table users;--
  • 26. © Blueinfy Solutions SQLite – Insert Query • INSERT INTO TABLE_NAME (column1, column2, column3,...Ncolumn) VALUES (value1, value2, value3,...Nvalue);
  • 27. © Blueinfy Solutions Extending/Appending queries • By altering the select query the injected DELETE query removes all records from the company table.
  • 28. © Blueinfy Solutions SQLite – OR 1=1 • ‘* from [tablename] where id=1 OR 1=1;’
  • 29. © Blueinfy Solutions Adding User • insert into users values(15,’user15’)
  • 30. © Blueinfy Solutions Side Channel Data Leakage • Platform issues – sandboxing or disable controls – Cache – Logs, Keystrokes, screenshots etc. – Temp files • 3rd Party libs (AD networks and analytics)
  • 32. © Blueinfy Solutions Unauthorized Dialing/SMS • Social Engineering using Mobile Devices • Attacker plays with user’s mind • User installs application • Application sends premium rate SMS or a premium rate phone call to unknown number • Used by Malware/Trojans
  • 33. © Blueinfy Solutions GGTracker • June 2010 • Another Application which sends International SMS • One SMS Costs – 40 USD (NOK 200) • Application Sends Premium SMS to US numbers
  • 34. © Blueinfy Solutions UI Impersonation
  • 35. © Blueinfy Solutions UI Impersonation • Attack has been there since long • On a mobile stack, known as UI impersonation • Other names are Phishing Attack, ClickJacking • Attacker plays with user’s mind and try to impersonate as other user or other application
  • 36. © Blueinfy Solutions UI Impersonation • Victim looses credit card information or authentication credentials or secret • One application can create local PUSH notification as it is created from apple store • Classic example is - Netflix Application in AppStore • Flow in review process of AppStore – Anyone can name anything to their application
  • 37. © Blueinfy Solutions NetFlix • Oct -2011 • Steals users “netflix” account information • Application shows error message to user “Compatibility issues with the user’s hardware” when user enters username and password and uninstalls itself • More than 10000 users lost their details in a week
  • 39. © Blueinfy Solutions Activity Monitoring • Sending a blind carbon copy of each email to attacker • Listening all phone calls • Email contact list, pictures to attacker • Read all emails stored on the device • Usual intension of Spyware/Trojans
  • 40. © Blueinfy Solutions Activity Monitoring • Attacker can monitor – – Audio Files – Video – Pictures – Location – Contact List – Call/Browser/SMS History – Data files
  • 41. © Blueinfy Solutions Android.Pjapps • Early 2010 • Steal/Change users information • PjApps Application – • Send and monitor incoming SMS messages • Read/write to the user's browsing history and bookmarks • Install packages and Open Sockets • Write to external storage • Read the phone's state
  • 43. © Blueinfy Solutions System Modification • Application will attempt to modify system configuration to hide itself (Historically this is known as ROOTKIT) • Configuration changes makes certain attack possible i.e. – – Modifying device proxy to get user’s activity monitoring – Configure BCC email sending to attacker
  • 44. © Blueinfy Solutions Information in Common Services
  • 45. © Blueinfy Solutions Information in Common Services • KeyBoard, Clipboard are shared amongst all the applications. • Information stored in clipboard can be accessed by all the application • Sensitive information should not be allowed to copy/paste in the application
  • 47. © Blueinfy Solutions Logical Issues • Authentication flags and privilege escalations at application layer • Critical parameter manipulation and access to unauthorized information/content • Business constraint exploitation • Identity or profile extraction • Denial of Services (DoS) with business logic
  • 48. © Blueinfy Solutions In Memory Analysis
  • 49. © Blueinfy Solutions In memory analysis • Using in built command in ADB named “dumpsys” • Command to get memory dump – # Dumpsys meminfo • Can be run only by “su” (Rooting a device is mandatory)
  • 50. © Blueinfy Solutions Uncovering vulnerability from Manifest File
  • 51. © Blueinfy Solutions Quick Recap of Manifest tags • Manifest • Application • Activity • Activity-alias • Receiver • Service • Uses-permission
  • 52. © Blueinfy Solutions Decompiling Android Applications
  • 53. © Blueinfy Solutions Decompiling android application • Using Apktool - http://code.google.com/p/android-apktool/ • Using Dex2Jar - http://code.google.com/p/dex2jar/ • Using aapt (Bundled with Android SDK)
  • 54. © Blueinfy Solutions Use Apktool to convert the XML to readable format Android manifest file: APK Tool
  • 55. © Blueinfy Solutions Use dex2jar to convert classes.dex file in the extracted folder to .class files Use JAD to convert the class files into JAVA files Dex2Jar and JAD
  • 56. © Blueinfy Solutions Debuggable flag in Android • One of the key attribute in android manifest file • Under “application” section • Describes debugging in enabled • If “Debuggable”attribute is set o true, the application will try to connect to a local unix socket “@jdwp-control” • Using JDWP, It is possible to gain full access to the Java process and execute arbitrary code in the context of the debugable application
  • 57. © Blueinfy Solutions CheckDebuggable Script • Checks in APK whether debuggable is enabled • Script can be found at – http://www.espheresecurity.com/resourcest ools.html • Paper can be found at - http://www.espheresecurity.com/CheckDebu ggable.pdf