SlideShare une entreprise Scribd logo

Beginners guide-to-reverse-engineering-android-apps-pau-oliva-fora-viaforensics-rsa-conference-2014

viaForensics
viaForensics

Beginners' Guide to Reverse Engineering Android Apps - Pau Oliva Fora at RSA Conference 2014

Formation
1  sur  22
Télécharger pour lire hors ligne
SESSION ID: Beginners Guide to Reverse Engineering Android Apps STU-W02B Pau Oliva Fora Sr. Mobile Security Engineer viaForensics @pof
#RSAC Agenda  Anatomy of an Android app  Obtaining our target apps  Getting our hands dirty: reversing the target application  Demo using Santoku Linux 2
Anatomy of an Android app
#RSAC Anatomy of an Android app  Simple ZIP file, renamed to “APK” extension  App resources  Signature  Manifest (binary XML) 4
Obtaining our target apps
#RSAC Getting the APK from the phone  Backup to SD Card:  APKOptic  Astro file manager  etc… 6
#RSAC Getting the APK from the phone  Using ADB (Android Debug Bridge):  adb shell pm list packages  adb pull /data/app/package-name-1.apk 7
#RSAC Downloading the APK from Google Play  Using unofficial Google Play API:  https://github.com/egirault/googleplay-api  Using a web service or browser extension:  http://apps.evozi.com/apk-downloader/  http://apify.ifc0nfig.com/static/clients/apk-downloader/ 8
#RSAC Downloading the APK from Google Play  Using unofficial Google Play API:  https://github.com/egirault/googleplay-api  Using a web service or browser extension:  http://apps.evozi.com/apk-downloader/  http://apify.ifc0nfig.com/static/clients/apk-downloader/ 9
Getting our hands dirty: reversing the target application
#RSAC Disassembling DEX Smali 11
#RSAC Apktool  apktool - https://code.google.com/p/android-apktool/  Multi platform, Apache 2.0 license  Decode resources to original form (and rebuild after modification)  Transforms binary Dalvik bytecode (classes.dex) into Smali source 12
#RSAC Smali 13
#RSAC Decompiling – Java Decompiler DEX JAR JAVA 14
#RSAC Dex2Jar  dex2jar - https://code.google.com/p/dex2jar/  Multi platform, Apache 2.0 license  Converts Dalvik bytecode (DEX) to java bytecode (JAR)  Allows to use any existing Java decompiler with the resulting JAR file 15
#RSAC Java Decompilers  Jd-gui - http://jd.benow.ca/  Multi platform  closed source  JAD - http://varaneckas.com/jad/  Multi platform  closed source  Command line  Others: Dare, Mocha, Procyon, … 16
#RSAC Decompiling – Android (Dalvik) decompiler DEX JAVA 17
#RSAC Dalvik Decompilers  Transforming DEX to JAR looses important metadata that the decompiler could use.  Pure Dalvik decompilers skip this step, so they produce better output  Unfortunately there are not as many choices for Android decompilers as for Java decompilers:  Open Source: Androguard’s DAD - https://code.google.com/p/androguard/  Commercial: JEB - http://www.android-decompiler.com/  Others? 18
Demo – Santoku
#RSAC Demo – Santoku Linux  Santoku Linux - https://santoku-linux.com/  Mobile Forensics  Mobile Malware analysis  Mobile application assessment 20
#RSAC Summary  APK files are ZIP files, can be extracted with any unzip utility  Apktool helps extracting binary resources, and allows repacking  Dex2jar converts Dalvik Bytecode to Java Bytecode  Pure Android decompilers are better  Santoku Linux has all the tools you need to reverse engineering mobile apps 21
#RSAC Q&A | Contact | Feedback  Thanks for listening…  @pof  github.com/poliva  poliva@viaforensics.com 22

Recommandé

inside dvm internals
inside dvm internalsinside dvm internals
inside dvm internalsMykola Bova
 
Springboard & OpenCV
Springboard & OpenCVSpringboard & OpenCV
Springboard & OpenCVCruise Chen
 
.Net Hijacking to Defend PowerShell BSidesSF2017
.Net Hijacking to Defend PowerShell BSidesSF2017 .Net Hijacking to Defend PowerShell BSidesSF2017
.Net Hijacking to Defend PowerShell BSidesSF2017 Amanda Rousseau
 
Scala FS 2012
Scala FS 2012Scala FS 2012
Scala FS 2012Diego Pacheco
 
Java 9 new features
Java 9 new featuresJava 9 new features
Java 9 new featuresMasudul Haque
 
FRIDA 101 Android
FRIDA 101 AndroidFRIDA 101 Android
FRIDA 101 AndroidTony Thomas
 
Os Koziarsky
Os KoziarskyOs Koziarsky
Os Koziarskyoscon2007
 
Android - ADB
Android - ADBAndroid - ADB
Android - ADBYossi Gruner
 

Recommandé

inside dvm internals
inside dvm internalsinside dvm internals
inside dvm internalsMykola Bova
 
Springboard & OpenCV
Springboard & OpenCVSpringboard & OpenCV
Springboard & OpenCVCruise Chen
 
.Net Hijacking to Defend PowerShell BSidesSF2017
.Net Hijacking to Defend PowerShell BSidesSF2017 .Net Hijacking to Defend PowerShell BSidesSF2017
.Net Hijacking to Defend PowerShell BSidesSF2017 Amanda Rousseau
 
Scala FS 2012
Scala FS 2012Scala FS 2012
Scala FS 2012Diego Pacheco
 
Java 9 new features
Java 9 new featuresJava 9 new features
Java 9 new featuresMasudul Haque
 
FRIDA 101 Android
FRIDA 101 AndroidFRIDA 101 Android
FRIDA 101 AndroidTony Thomas
 
Os Koziarsky
Os KoziarskyOs Koziarsky
Os Koziarskyoscon2007
 
Android - ADB
Android - ADBAndroid - ADB
Android - ADBYossi Gruner
 
Import golang; struct microservice
Import golang; struct microserviceImport golang; struct microservice
Import golang; struct microserviceGiulio De Donato
 
Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1
Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1
Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1Apkudo
 
really really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfacesreally really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfacesGiulio De Donato
 
Aosp+
Aosp+Aosp+
Aosp+jpuderer
 
Startup Camp - Git, Python, Django session
Startup Camp - Git, Python, Django sessionStartup Camp - Git, Python, Django session
Startup Camp - Git, Python, Django sessionJuraj Michálek
 
You're Off the Hook: Blinding Security Software
You're Off the Hook: Blinding Security SoftwareYou're Off the Hook: Blinding Security Software
You're Off the Hook: Blinding Security SoftwareCylance
 
Asynchronous Systems with Fn Flow
Asynchronous Systems with Fn FlowAsynchronous Systems with Fn Flow
Asynchronous Systems with Fn FlowJosé Paumard
 
用 Go 語言實戰 Push Notification 服務
用 Go 語言實戰 Push Notification 服務用 Go 語言實戰 Push Notification 服務
用 Go 語言實戰 Push Notification 服務Bo-Yi Wu
 
ADB(Android Debug Bridge): How it works?
ADB(Android Debug Bridge): How it works?ADB(Android Debug Bridge): How it works?
ADB(Android Debug Bridge): How it works?Tetsuyuki Kobayashi
 
GCE 上搭配 Cloud Storage 建置 Drone CI
GCE 上搭配 Cloud Storage 建置 Drone CI GCE 上搭配 Cloud Storage 建置 Drone CI
GCE 上搭配 Cloud Storage 建置 Drone CIMING JUI Chen
 
What Can Reverse Engineering Do For You?
What Can Reverse Engineering Do For You?What Can Reverse Engineering Do For You?
What Can Reverse Engineering Do For You?Amanda Rousseau
 
X Means Y
X Means YX Means Y
X Means YCommonsWare
 
Golang Project Layout and Practice
Golang Project Layout and PracticeGolang Project Layout and Practice
Golang Project Layout and PracticeBo-Yi Wu
 
The Hookshot: Runtime Exploitation
The Hookshot: Runtime ExploitationThe Hookshot: Runtime Exploitation
The Hookshot: Runtime ExploitationPrathan Phongthiproek
 
ARM Cortex-A53 Errata on Andoid
ARM Cortex-A53 Errata on AndoidARM Cortex-A53 Errata on Andoid
ARM Cortex-A53 Errata on Andoidhidenorly
 
PyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application securePyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application secureIMMUNIO
 
Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07Frédéric Harper
 
C/C++ Remote Development Overview
C/C++ Remote Development OverviewC/C++ Remote Development Overview
C/C++ Remote Development OverviewThitipong Jampajeen
 
Git, CMake, Conan - How to ship and reuse our C++ projects?
Git, CMake, Conan - How to ship and reuse our C++ projects?Git, CMake, Conan - How to ship and reuse our C++ projects?
Git, CMake, Conan - How to ship and reuse our C++ projects?Mateusz Pusz
 
sebis research profile
sebis research profilesebis research profile
sebis research profilesebistum
 
Hide Android applications in images
Hide Android applications in imagesHide Android applications in images
Hide Android applications in imagesAnge Albertini
 
Cyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSUCyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSUMohit Rampal
 

Contenu connexe

Tendances

Import golang; struct microservice
Import golang; struct microserviceImport golang; struct microservice
Import golang; struct microserviceGiulio De Donato
 
Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1
Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1
Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1Apkudo
 
really really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfacesreally really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfacesGiulio De Donato
 
Startup Camp - Git, Python, Django session
Startup Camp - Git, Python, Django sessionStartup Camp - Git, Python, Django session
Startup Camp - Git, Python, Django sessionJuraj Michálek
 
You're Off the Hook: Blinding Security Software
You're Off the Hook: Blinding Security SoftwareYou're Off the Hook: Blinding Security Software
You're Off the Hook: Blinding Security SoftwareCylance
 
Asynchronous Systems with Fn Flow
Asynchronous Systems with Fn FlowAsynchronous Systems with Fn Flow
Asynchronous Systems with Fn FlowJosé Paumard
 
用 Go 語言實戰 Push Notification 服務
用 Go 語言實戰 Push Notification 服務用 Go 語言實戰 Push Notification 服務
用 Go 語言實戰 Push Notification 服務Bo-Yi Wu
 
ADB(Android Debug Bridge): How it works?
ADB(Android Debug Bridge): How it works?ADB(Android Debug Bridge): How it works?
ADB(Android Debug Bridge): How it works?Tetsuyuki Kobayashi
 
GCE 上搭配 Cloud Storage 建置 Drone CI
GCE 上搭配 Cloud Storage 建置 Drone CI GCE 上搭配 Cloud Storage 建置 Drone CI
GCE 上搭配 Cloud Storage 建置 Drone CIMING JUI Chen
 
What Can Reverse Engineering Do For You?
What Can Reverse Engineering Do For You?What Can Reverse Engineering Do For You?
What Can Reverse Engineering Do For You?Amanda Rousseau
 
Golang Project Layout and Practice
Golang Project Layout and PracticeGolang Project Layout and Practice
Golang Project Layout and PracticeBo-Yi Wu
 
ARM Cortex-A53 Errata on Andoid
ARM Cortex-A53 Errata on AndoidARM Cortex-A53 Errata on Andoid
ARM Cortex-A53 Errata on Andoidhidenorly
 
PyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application securePyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application secureIMMUNIO
 
Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07Frédéric Harper
 
C/C++ Remote Development Overview
C/C++ Remote Development OverviewC/C++ Remote Development Overview
C/C++ Remote Development OverviewThitipong Jampajeen
 
Git, CMake, Conan - How to ship and reuse our C++ projects?
Git, CMake, Conan - How to ship and reuse our C++ projects?Git, CMake, Conan - How to ship and reuse our C++ projects?
Git, CMake, Conan - How to ship and reuse our C++ projects?Mateusz Pusz
 

Tendances (19)

Import golang; struct microservice
Import golang; struct microserviceImport golang; struct microservice
Import golang; struct microservice
 
Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1
Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1
Who Needs Thumbs? Reverse Engineering Scramble with Friends v1.1
 
really really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfacesreally really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfaces
 
Aosp+
Aosp+Aosp+
Aosp+
 
Startup Camp - Git, Python, Django session
Startup Camp - Git, Python, Django sessionStartup Camp - Git, Python, Django session
Startup Camp - Git, Python, Django session
 
You're Off the Hook: Blinding Security Software
You're Off the Hook: Blinding Security SoftwareYou're Off the Hook: Blinding Security Software
You're Off the Hook: Blinding Security Software
 
Asynchronous Systems with Fn Flow
Asynchronous Systems with Fn FlowAsynchronous Systems with Fn Flow
Asynchronous Systems with Fn Flow
 
用 Go 語言實戰 Push Notification 服務
用 Go 語言實戰 Push Notification 服務用 Go 語言實戰 Push Notification 服務
用 Go 語言實戰 Push Notification 服務
 
ADB(Android Debug Bridge): How it works?
ADB(Android Debug Bridge): How it works?ADB(Android Debug Bridge): How it works?
ADB(Android Debug Bridge): How it works?
 
GCE 上搭配 Cloud Storage 建置 Drone CI
GCE 上搭配 Cloud Storage 建置 Drone CI GCE 上搭配 Cloud Storage 建置 Drone CI
GCE 上搭配 Cloud Storage 建置 Drone CI
 
What Can Reverse Engineering Do For You?
What Can Reverse Engineering Do For You?What Can Reverse Engineering Do For You?
What Can Reverse Engineering Do For You?
 
X Means Y
X Means YX Means Y
X Means Y
 
Golang Project Layout and Practice
Golang Project Layout and PracticeGolang Project Layout and Practice
Golang Project Layout and Practice
 
The Hookshot: Runtime Exploitation
The Hookshot: Runtime ExploitationThe Hookshot: Runtime Exploitation
The Hookshot: Runtime Exploitation
 
ARM Cortex-A53 Errata on Andoid
ARM Cortex-A53 Errata on AndoidARM Cortex-A53 Errata on Andoid
ARM Cortex-A53 Errata on Andoid
 
PyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application securePyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application secure
 
Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07
 
C/C++ Remote Development Overview
C/C++ Remote Development OverviewC/C++ Remote Development Overview
C/C++ Remote Development Overview
 
Git, CMake, Conan - How to ship and reuse our C++ projects?
Git, CMake, Conan - How to ship and reuse our C++ projects?Git, CMake, Conan - How to ship and reuse our C++ projects?
Git, CMake, Conan - How to ship and reuse our C++ projects?
 

En vedette

sebis research profile
sebis research profilesebis research profile
sebis research profilesebistum
 
Hide Android applications in images
Hide Android applications in imagesHide Android applications in images
Hide Android applications in imagesAnge Albertini
 
Cyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSUCyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSUMohit Rampal
 
ToorCon 14 : Malandroid : The Crux of Android Infections
ToorCon 14 : Malandroid : The Crux of Android InfectionsToorCon 14 : Malandroid : The Crux of Android Infections
ToorCon 14 : Malandroid : The Crux of Android InfectionsAditya K Sood
 
BlackHat USA 2013 Arsenal - Sparty : A FrontPage and SharePoint Security Audi...
BlackHat USA 2013 Arsenal - Sparty : A FrontPage and SharePoint Security Audi...BlackHat USA 2013 Arsenal - Sparty : A FrontPage and SharePoint Security Audi...
BlackHat USA 2013 Arsenal - Sparty : A FrontPage and SharePoint Security Audi...Aditya K Sood
 
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014viaForensics
 
Via forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxVia forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxviaForensics
 
One Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
One Phish, Two Phish, Red Phish, Your Account Details Just Got StolenOne Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
One Phish, Two Phish, Red Phish, Your Account Details Just Got StolenOpenDNS
 
Cyber Security for Critical Infrastrucutre-ppt
Cyber Security for Critical Infrastrucutre-pptCyber Security for Critical Infrastrucutre-ppt
Cyber Security for Critical Infrastrucutre-pptMohit Rampal
 
Blackhat USA 2015: BGP Stream Presentation
Blackhat USA 2015: BGP Stream PresentationBlackhat USA 2015: BGP Stream Presentation
Blackhat USA 2015: BGP Stream PresentationOpenDNS
 
Shodan- That Device Search Engine
Shodan- That Device Search EngineShodan- That Device Search Engine
Shodan- That Device Search EngineInMobi Technology
 
BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...
BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...
BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...Aditya K Sood
 
APT 28 :Cyber Espionage and the Russian Government?
APT 28 :Cyber Espionage and the Russian Government?APT 28 :Cyber Espionage and the Russian Government?
APT 28 :Cyber Espionage and the Russian Government?anupriti
 
BlackHat 2014 Briefings - Exploiting Fundamental Weaknesses in Botnet C&C Pan...
BlackHat 2014 Briefings - Exploiting Fundamental Weaknesses in Botnet C&C Pan...BlackHat 2014 Briefings - Exploiting Fundamental Weaknesses in Botnet C&C Pan...
BlackHat 2014 Briefings - Exploiting Fundamental Weaknesses in Botnet C&C Pan...Aditya K Sood
 
Introduction to Industrial Control Systems : Pentesting PLCs 101 (BlackHat Eu...
Introduction to Industrial Control Systems : Pentesting PLCs 101 (BlackHat Eu...Introduction to Industrial Control Systems : Pentesting PLCs 101 (BlackHat Eu...
Introduction to Industrial Control Systems : Pentesting PLCs 101 (BlackHat Eu...arnaudsoullie
 
Android– forensics and security testing
Android– forensics and security testingAndroid– forensics and security testing
Android– forensics and security testingSanthosh Kumar
 

En vedette (18)

sebis research profile
sebis research profilesebis research profile
sebis research profile
 
Hide Android applications in images
Hide Android applications in imagesHide Android applications in images
Hide Android applications in images
 
Cyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSUCyber as WMD- April 2015- GFSU
Cyber as WMD- April 2015- GFSU
 
ToorCon 14 : Malandroid : The Crux of Android Infections
ToorCon 14 : Malandroid : The Crux of Android InfectionsToorCon 14 : Malandroid : The Crux of Android Infections
ToorCon 14 : Malandroid : The Crux of Android Infections
 
BlackHat USA 2013 Arsenal - Sparty : A FrontPage and SharePoint Security Audi...
BlackHat USA 2013 Arsenal - Sparty : A FrontPage and SharePoint Security Audi...BlackHat USA 2013 Arsenal - Sparty : A FrontPage and SharePoint Security Audi...
BlackHat USA 2013 Arsenal - Sparty : A FrontPage and SharePoint Security Audi...
 
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014
 
Via forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxVia forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linux
 
One Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
One Phish, Two Phish, Red Phish, Your Account Details Just Got StolenOne Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
One Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
 
Cyber Security for Critical Infrastrucutre-ppt
Cyber Security for Critical Infrastrucutre-pptCyber Security for Critical Infrastrucutre-ppt
Cyber Security for Critical Infrastrucutre-ppt
 
Blackhat USA 2015: BGP Stream Presentation
Blackhat USA 2015: BGP Stream PresentationBlackhat USA 2015: BGP Stream Presentation
Blackhat USA 2015: BGP Stream Presentation
 
M.Tech. Cyber Security & Incident Response
M.Tech. Cyber Security & Incident ResponseM.Tech. Cyber Security & Incident Response
M.Tech. Cyber Security & Incident Response
 
Shodan- That Device Search Engine
Shodan- That Device Search EngineShodan- That Device Search Engine
Shodan- That Device Search Engine
 
BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...
BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...
BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...
 
APT 28 :Cyber Espionage and the Russian Government?
APT 28 :Cyber Espionage and the Russian Government?APT 28 :Cyber Espionage and the Russian Government?
APT 28 :Cyber Espionage and the Russian Government?
 
BlackHat 2014 Briefings - Exploiting Fundamental Weaknesses in Botnet C&C Pan...
BlackHat 2014 Briefings - Exploiting Fundamental Weaknesses in Botnet C&C Pan...BlackHat 2014 Briefings - Exploiting Fundamental Weaknesses in Botnet C&C Pan...
BlackHat 2014 Briefings - Exploiting Fundamental Weaknesses in Botnet C&C Pan...
 
Introduction to Industrial Control Systems : Pentesting PLCs 101 (BlackHat Eu...
Introduction to Industrial Control Systems : Pentesting PLCs 101 (BlackHat Eu...Introduction to Industrial Control Systems : Pentesting PLCs 101 (BlackHat Eu...
Introduction to Industrial Control Systems : Pentesting PLCs 101 (BlackHat Eu...
 
Android– forensics and security testing
Android– forensics and security testingAndroid– forensics and security testing
Android– forensics and security testing
 
Social Media at NASA, 2012 Edition
Social Media at NASA, 2012 EditionSocial Media at NASA, 2012 Edition
Social Media at NASA, 2012 Edition
 

Similaire à Beginners guide-to-reverse-engineering-android-apps-pau-oliva-fora-viaforensics-rsa-conference-2014

LinkedIn - Disassembling Dalvik Bytecode
LinkedIn - Disassembling Dalvik BytecodeLinkedIn - Disassembling Dalvik Bytecode
LinkedIn - Disassembling Dalvik BytecodeAlain Leon
 
Manish Chasta - Securing Android Applications
Manish Chasta - Securing Android ApplicationsManish Chasta - Securing Android Applications
Manish Chasta - Securing Android ApplicationsPositive Hack Days
 
Deep Dive Java 17 Devoxx UK
Deep Dive Java 17 Devoxx UKDeep Dive Java 17 Devoxx UK
Deep Dive Java 17 Devoxx UKJosé Paumard
 
Alternatives to Java for Android development
Alternatives to Java for Android developmentAlternatives to Java for Android development
Alternatives to Java for Android developmentttogrul
 
Null mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-ExploitationNull mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-ExploitationNitesh Malviya
 
Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011pundiramit
 
GDGSCL - Docker a jeho provoz v Heroku a AWS
GDGSCL - Docker a jeho provoz v Heroku a AWSGDGSCL - Docker a jeho provoz v Heroku a AWS
GDGSCL - Docker a jeho provoz v Heroku a AWSLadislav Prskavec
 
Mobile development in 2020
Mobile development in 2020 Mobile development in 2020
Mobile development in 2020 Bogusz Jelinski
 
Alternatives to Java for Android development
Alternatives to Java for Android developmentAlternatives to Java for Android development
Alternatives to Java for Android developmentttogrul
 
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırmaToğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırmaFarhad
 
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırmaToğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırmaFarhad
 
Optimizing Spring Boot apps for Docker
Optimizing Spring Boot apps for DockerOptimizing Spring Boot apps for Docker
Optimizing Spring Boot apps for DockerGraham Charters
 
An Introduction To Android
An Introduction To AndroidAn Introduction To Android
An Introduction To Androidnatdefreitas
 
Very Early Review - Rocket(CoreOS)
Very Early Review - Rocket(CoreOS)Very Early Review - Rocket(CoreOS)
Very Early Review - Rocket(CoreOS)충섭 김
 
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
Null Mumbai Meet_Android Reverse Engineering by Samrat DasNull Mumbai Meet_Android Reverse Engineering by Samrat Das
Null Mumbai Meet_Android Reverse Engineering by Samrat Dasnullowaspmumbai
 
2014 09 30_sparkling_water_hands_on
2014 09 30_sparkling_water_hands_on2014 09 30_sparkling_water_hands_on
2014 09 30_sparkling_water_hands_onSri Ambati
 

Similaire à Beginners guide-to-reverse-engineering-android-apps-pau-oliva-fora-viaforensics-rsa-conference-2014 (20)

LinkedIn - Disassembling Dalvik Bytecode
LinkedIn - Disassembling Dalvik BytecodeLinkedIn - Disassembling Dalvik Bytecode
LinkedIn - Disassembling Dalvik Bytecode
 
Manish Chasta - Securing Android Applications
Manish Chasta - Securing Android ApplicationsManish Chasta - Securing Android Applications
Manish Chasta - Securing Android Applications
 
Core Android
Core AndroidCore Android
Core Android
 
Deep Dive Java 17 Devoxx UK
Deep Dive Java 17 Devoxx UKDeep Dive Java 17 Devoxx UK
Deep Dive Java 17 Devoxx UK
 
Alternatives to Java for Android development
Alternatives to Java for Android developmentAlternatives to Java for Android development
Alternatives to Java for Android development
 
Null mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-ExploitationNull mumbai-Android-Insecure-Data-Storage-Exploitation
Null mumbai-Android-Insecure-Data-Storage-Exploitation
 
Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011Android porting for dummies @droidconin 2011
Android porting for dummies @droidconin 2011
 
Getting Native with NDK
Getting Native with NDKGetting Native with NDK
Getting Native with NDK
 
GDGSCL - Docker a jeho provoz v Heroku a AWS
GDGSCL - Docker a jeho provoz v Heroku a AWSGDGSCL - Docker a jeho provoz v Heroku a AWS
GDGSCL - Docker a jeho provoz v Heroku a AWS
 
Apache cordova
Apache cordovaApache cordova
Apache cordova
 
Mobile development in 2020
Mobile development in 2020 Mobile development in 2020
Mobile development in 2020
 
Alternatives to Java for Android development
Alternatives to Java for Android developmentAlternatives to Java for Android development
Alternatives to Java for Android development
 
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırmaToğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
 
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırmaToğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
Toğrul Tağıyev - Müxtəlif dillərdə Android proqramlaşdırma
 
Optimizing Spring Boot apps for Docker
Optimizing Spring Boot apps for DockerOptimizing Spring Boot apps for Docker
Optimizing Spring Boot apps for Docker
 
An Introduction To Android
An Introduction To AndroidAn Introduction To Android
An Introduction To Android
 
Very Early Review - Rocket(CoreOS)
Very Early Review - Rocket(CoreOS)Very Early Review - Rocket(CoreOS)
Very Early Review - Rocket(CoreOS)
 
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
Null Mumbai Meet_Android Reverse Engineering by Samrat DasNull Mumbai Meet_Android Reverse Engineering by Samrat Das
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
 
2014 09 30_sparkling_water_hands_on
2014 09 30_sparkling_water_hands_on2014 09 30_sparkling_water_hands_on
2014 09 30_sparkling_water_hands_on
 
Reverse Engineering Android Application
Reverse Engineering Android ApplicationReverse Engineering Android Application
Reverse Engineering Android Application
 

Dernier

ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYKayeClaireEstoconing
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxnelietumpap1
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxSherlyMaeNeri
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 

Dernier (20)

ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptx
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptx
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 

Beginners guide-to-reverse-engineering-android-apps-pau-oliva-fora-viaforensics-rsa-conference-2014

  • 1. SESSION ID: Beginners Guide to Reverse Engineering Android Apps STU-W02B Pau Oliva Fora Sr. Mobile Security Engineer viaForensics @pof
  • 2. #RSAC Agenda  Anatomy of an Android app  Obtaining our target apps  Getting our hands dirty: reversing the target application  Demo using Santoku Linux 2
  • 3. Anatomy of an Android app
  • 4. #RSAC Anatomy of an Android app  Simple ZIP file, renamed to “APK” extension  App resources  Signature  Manifest (binary XML) 4
  • 6. #RSAC Getting the APK from the phone  Backup to SD Card:  APKOptic  Astro file manager  etc… 6
  • 7. #RSAC Getting the APK from the phone  Using ADB (Android Debug Bridge):  adb shell pm list packages  adb pull /data/app/package-name-1.apk 7
  • 8. #RSAC Downloading the APK from Google Play  Using unofficial Google Play API:  https://github.com/egirault/googleplay-api  Using a web service or browser extension:  http://apps.evozi.com/apk-downloader/  http://apify.ifc0nfig.com/static/clients/apk-downloader/ 8
  • 9. #RSAC Downloading the APK from Google Play  Using unofficial Google Play API:  https://github.com/egirault/googleplay-api  Using a web service or browser extension:  http://apps.evozi.com/apk-downloader/  http://apify.ifc0nfig.com/static/clients/apk-downloader/ 9
  • 10. Getting our hands dirty: reversing the target application
  • 12. #RSAC Apktool  apktool - https://code.google.com/p/android-apktool/  Multi platform, Apache 2.0 license  Decode resources to original form (and rebuild after modification)  Transforms binary Dalvik bytecode (classes.dex) into Smali source 12
  • 14. #RSAC Decompiling – Java Decompiler DEX JAR JAVA 14
  • 15. #RSAC Dex2Jar  dex2jar - https://code.google.com/p/dex2jar/  Multi platform, Apache 2.0 license  Converts Dalvik bytecode (DEX) to java bytecode (JAR)  Allows to use any existing Java decompiler with the resulting JAR file 15
  • 16. #RSAC Java Decompilers  Jd-gui - http://jd.benow.ca/  Multi platform  closed source  JAD - http://varaneckas.com/jad/  Multi platform  closed source  Command line  Others: Dare, Mocha, Procyon, … 16
  • 17. #RSAC Decompiling – Android (Dalvik) decompiler DEX JAVA 17
  • 18. #RSAC Dalvik Decompilers  Transforming DEX to JAR looses important metadata that the decompiler could use.  Pure Dalvik decompilers skip this step, so they produce better output  Unfortunately there are not as many choices for Android decompilers as for Java decompilers:  Open Source: Androguard’s DAD - https://code.google.com/p/androguard/  Commercial: JEB - http://www.android-decompiler.com/  Others? 18
  • 20. #RSAC Demo – Santoku Linux  Santoku Linux - https://santoku-linux.com/  Mobile Forensics  Mobile Malware analysis  Mobile application assessment 20
  • 21. #RSAC Summary  APK files are ZIP files, can be extracted with any unzip utility  Apktool helps extracting binary resources, and allows repacking  Dex2jar converts Dalvik Bytecode to Java Bytecode  Pure Android decompilers are better  Santoku Linux has all the tools you need to reverse engineering mobile apps 21
  • 22. #RSAC Q&A | Contact | Feedback  Thanks for listening…  @pof  github.com/poliva  poliva@viaforensics.com 22