In my opinion, cheating is acceptable - it merely means expanding the frame of an application to a point beyond what the creators of the application have ever imagined. In this talk, we explore how the popular instrumentation framework Frida can be used to hack applications, from games to mobile banking applications.
4. HACKTIVITY 2018
WHOAMI
▸ Zsombor Kovacs CISSP, OSCP, OSWP, OSCE
▸ Researcher, testing pens for a decade
▸ Director of Research @MRG Effitas
▸ Founder of Hackersuli
TAMPERING WITH THE RUNTIME
▸ Run-time manipulation of... everything
▸ Intercept and change method call parameters
▸ Overwrite methods
▸ ...and go home like nothing happened
TOOLS OF THE TRADE: XPOSED FRAMEWORK
▸ From KitKat on
▸ Designed for permanent changes
▸ Lots of modules
TOOLS OF THE TRADE: CYDIA SUBSTRATE
▸ Lots of modules
▸ Supported only on KitKat :(
A TYPICAL WORKFLOW WITH FRIDA
▸ Decompile the application.
▸ Pinpoint the relevant bits in the code.
▸ Create a Frida script to tweak the code while the app is being run.
▸ Run app and the script.
▸ Profit.
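The script step of this workflow, as an added example that is not from the talk: a Frida script that wraps every overload of one method found during decompilation and logs its arguments and return value while leaving the behaviour unchanged. The class and method names are hypothetical placeholders for whatever your own decompiled app exposes.

```javascript
'use strict';

// Hypothetical names: replace with a class/method located in the decompiled code.
const TARGET_CLASS = 'com.example.shop.Cart';
const TARGET_METHOD = 'applyDiscount';

// Render one observed call as a single log line.
// Java null/undefined values are shown as "null" so the line is always printable.
function describeCall(cls, method, args, ret) {
  const shown = Array.from(args, function (a) {
    return (a === null || a === undefined) ? 'null' : String(a);
  });
  return cls + '.' + method + '(' + shown.join(', ') + ') -> ' + String(ret);
}

// Wrap every overload of the target method. The original implementation is
// still called and its result returned, so the app behaves as before.
function installHooks() {
  Java.perform(function () {
    const klass = Java.use(TARGET_CLASS);
    klass[TARGET_METHOD].overloads.forEach(function (overload) {
      overload.implementation = function () {
        const ret = this[TARGET_METHOD].apply(this, arguments);
        console.log(describeCall(TARGET_CLASS, TARGET_METHOD, arguments, ret));
        return ret;
      };
    });
  });
}

// The Java bridge only exists inside a Frida session attached to an Android app.
if (typeof Java !== 'undefined') {
  installHooks();
}
```

Loaded with the Frida CLI (`frida -U -f <package> -l hooks.js`), it prints one line per call to the wrapped method.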
APPLICATION DECOMPILATION
▸ Gives an approximation of the actual code (no recompilation)
▸ Tools of the trade
  ▸ dex2jar (from .apk to .jar)
  ▸ Your Favourite Java Decompiler (from .jar to actual code)
  ▸ http://apkdecompilers.com