Upload File

reversing)android)apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […]...

  • Home
  • Documents
  • Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]
63
Reversing Android Apps Hacking and cracking Android apps is easy

Upload: others

Post on 03-Mar-2020

5 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Reversing  Android  Apps  

Hacking  and  cracking  Android  apps  is  easy  

Page 2: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Agenda  

•  Issues  (in  the  past)  •  Android  security  /  code  concept  •  Techniques  for  pentesters  /  reverse  engineers  •  My  experiences  and  the  general  quality  of  apps  

Page 3: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

My  approach  

•  Bought  HTC  Desire/Bravo  with  Android  2.0  (now  2.2.0)  in  2010  

•  Finding  security  related  issues  

Page 4: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Issues  (in  the  past?)  

Page 5: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Losing  phones  

Page 6: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

CircumvenLng  lock  screen  

Page 7: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

CircumvenLng  lock  screen  •  Poor  lock  screen  implementaLon  – Home  buOon  mashing,  not  all  brands<=  2.2  –  Back  buOon  during  call,  not  all  brands  <=  2.0  –  Plug  into  car  dock,  unknown  – Gmail  address  &  password  „null“,  unknown  

•  Lock  screen  not  acLvated  •  USB  debug  on  (adb  shell)  •  Associated  Google  account  •  OpenRecovery,  Milestone  <=  2.1  •  Aquire  physical  memory  (forensic  tools)  

Page 8: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Google  Market  –  a  feel  free  environment  

Page 9: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Bring  malware  to  the  mobile  

•  XSS  on  Google  Market  website  •  Convince  users  (aka  put  on  market)  •  App  without  permissions  installs  apps  with  permissions  – Angry  Birds  extra  level  malware,  fixed  – Browser  vulnerability  (cookie  stealing),  <  2.3.5  – New  technique  going  to  be  released  in  November  

•  Oberheide/Lanie,  Source  Barcelona  

Page 10: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Other  issues  

•  Facebook-­‐App  V.  1.6  is  able  to  read/write/edit  SMS/MMS  

•  Plain  authenLcaLon  tokens,  fixed  •  SMS  receiver  incorrect,  fixed  •  Htclogger,  HTC  only  •  App  reversing  •  Many  more  

Page 11: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Nuclear  chain  of  command...  

xkcd.com  

Page 12: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

...  is  similar  to  the  Android  chain  of  security  

Page 13: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

My  situaLon  

•  Bought  HTC  Desire  in  2010  •  SLll  on  Android  2.2.0,  means:    – Screen  lock  circumvenLon  (buOon  mashing)  – Vulnerable  to  DroidDream  malware  – Browser  vulnerability    

•  Cookie  stealing  /  XSS  •  Can  be  used  to  install  apps  

Page 14: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Android  security  /  code  concept  

Page 15: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Security  Concept  

•  Dalvik  Java  VM  is  no  security  layer  •  Permission  system  •  Android  is  a  Linux  •  One  app  =  one  Linux  user  

Page 16: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Android  code  •  Write  app  in  Java  and  HTML/Javascript  (Android  SDK)  –  The  obvious  approach  – Most  apps  from  the  Google  Market  –  Easy  to  decompile/disassemble/reassemble  

•  Write  app  in  ARM  naLve  code  (Android  NDK)  –  Together  with  Java  code  –  ARM  Assembler  Reverse  Engineering  and  JNI  

•  Use  a  framework/generator  –  appmakr.com  –  PhoneGap  –  Others?  

Page 17: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Techniques  for  pentesters  /  reverse  engineers  

Page 18: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

1.  Gehng  hundrets  of  Android  Apps  (apk  files)  

Page 19: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Obvious  download  approach  

•  Open  market  app  on  mobile  •  Click  app  and  install  •  SCP  apk  file  from  phone  à  Too  slow,  not  enough  space  on  mobile,  etc    

Page 20: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

How  to  download  all  Android  apps  

•  Connect  mobile  to  laptop  Wifi  with  airbase-­‐ng  /  dnsmasq  

•  Use  iptables  to  redirect  to  local  Burp  –  thx  Android  for  not  having  a  proxy  opLon  

•  BurpExtender  to  save  responses  with  apk  files  •  Send  mobile  a  HTTP  404  not  found  

Page 21: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Install  all  apps?  

•  One  HTTPS  request  to  market.android.com  •  Change  the  app  name  – com.google.android.youtube  

•  Modified  w3af  spider  /  regex  plugin  – Search  for  terms  A  ...  ZZ  on  market.android.com  – No  restricLons  (e.g.  Captcha)  as  in  Google  search  

•  Wrote  script  that  sends  HTTPS  requests  with  app  name  

Page 22: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Download  environment  

Page 23: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Metadata  

•  About  300’000  apps  in  market  •  Crawled  about  10’000  app  names  •  Successfully  downloaded  and  decompiled  about  3’500  apps  (about  15  GB)  – Took  about  3  days  to  download  all  these  apps  

Page 24: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

2.  Decompile/disassemble  

Page 25: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

The  apktool  disassembled  structure  

+assets +res +drawable -icon.png +layout -main.xml +values -strings.xml +META-INF -AndroidManifest.xml -classes.dex

•  Apk  unzipped  +assets +res +drawable -icon.png +layout -main.xml +values -strings.xml -AndroidManifest.xml +smali +com +... -apktool.yml

à          apktool  disassembled  

Page 26: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Two  approaches  

•  Disassembling  to  smali  – Similar  to  Jasmin  syntax  (Java  assembler  code)  – Apktool  

•  Correct  smali  code  •  Didn’t  use  dexdump/dedexer  

•  Decompiling  to  Java  – Dex2Jar  +  Java-­‐Decompiler  

•  SomeLmes  incorrect  Java  code  

Page 27: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Disassembling  howto  

•  Apktool  me$ java -jar apktool.jar d app.apk output-folder

Page 28: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Disassembled  example  

Page 29: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Reasssembling  howto  

•  Apktool  me$ echo "change something" change something me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 -keystore someone.keystore […] me$ jarsigner -keystore someone.keystore fake.apk someone me$ adb install fake-app.apk

Page 30: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

3.  Other  techniques  for  pentesters  

Page 31: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Heap  dump  

me$ su me# ps | grep kee 949 10082 183m S com.android.keepass 960 0 1964 S grep kee me# kill -10 949 me# grep password /data/misc/heap-dump-tm1312268434-pid949.hprof thisisasecretpassword

•  In  Android  >  2.3  – BuOon  in  DDMS  tool  or  call  android.os.Debug.dumpHprofData(fileName)  

Page 32: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Invoking  AcLviLes  

•  AcLviLes  are  basically  user  interfaces  – „one  screen“  

•  Fortunately  this  example  doesn‘t  work  

me$ dumpsys package > packages.txt me$ am start -n com.android.keepass/com.keepassdroid.PasswordActivity

Page 33: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Tons  of  other  tools  •  Androguard  •  Apkinspector  –  GUI  combining  apktool,  dex2jar,  a  Java  decompiler,  byte  code,  etc.  

•  DED  •  androidAuditTools  •  Smartphonesdumbapps  •  Taintdroid  (Privacy  issues)  •  Android  Forensic  Toolkit  •  viaExtract  •  More  

Page 34: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Experiences  when  decompiling/disassembling  3‘500  apps  

Finding  security  related  issues  

Page 35: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Metadata  

•  About  3’500  apps  – 2’300  unique  email  addresses  – 1’000  «fuck»  – Several  twiOer  /  facebook  /  flickr  /  geocaching  API  keys  

Page 36: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Low  hanging  fruits  

Page 37: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Hashing  and  encrypLon  –  a  short  best  pracLces  refresh  

•  Secure  algorithms/implementaLons  •  Random,  long  salts/keys  •  Hashing  – Separate  salt  for  every  hash  – Several  hashing  rounds  

•  E.g.  hash(hash(  ...  hash(pwd+salt)+salt  ...  ))  

•  EncrypLon  – Keep  the  key  secret  

Page 38: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]
Page 39: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Key:  MSB  always  0  

Used  for  sending  passwords  in  HTTPS  

Page 40: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Used  to  signalise  the  server  that  in-­‐

game  goods  were  purchased  

Page 41: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]
Page 42: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]
Page 43: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Obfuscated  code  

Who  calls  this  „ah“  constructor?  

Page 44: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Obfuscated  code  

•  4  greps  later...  •  c.f  includes  the  key  – c.f  calls  a.bs(key)  

•  a.bs  calls  a.ah(key)  –  a.ah  uses  the  key  and  locale  variables  for  encrypLon  

•  We  know  all  the  input  data  for  the  encrypLon  rouLne  

•  It‘s  symmetric  crypto  •  We  can  decrypt  „it“  (whatever  it  might  be)  

Page 45: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

TestXXXXX.java  

•  Yeah,  let’s  copy/paste  a  test  email!  

Page 46: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

TestXXXXX2.java  

•  And  credenLals  for  the  test  server...  

Page 47: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Some  apps  I  looked  at  more  closely  

(it’s  gehng  worse)  

Page 48: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

App  1  -­‐  banking  app  •  Who  really  wants  banking  on  the  mobile?  •  A  lot  of  banking  apps!  Yay!  •  App  1  – No  obfuscaLon  +  can  easily  be  recompiled  – App  simply  shows  the  website  – Hides  the  URL  and  SSL  cert/lock  from  the  user  – Can  only  be  used  with  mTAN  

Page 49: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

App  2  

•  Server  had  self-­‐signed  SSL  cerLficate  •  SSL  MITM  Dump:    /usernam e=B1436A 13E85D20 F2428D6E 232C2B93 FE....pa ssword=2 C30F3866 016E6C59 52655C06 400BCC6. imei=405 23204606 E450... ...

Wow,  it’s  encrypted...  Don’t  we  need  a  key  for  that?  

Page 50: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

App  2  

•  AES  key  public byte[] cryptKey42 = {-31, -21, 4, 24, -21, 54, -63, -40, -38, 61, -47, -115, -95, -36, -142, 64, 53, 120, -85, -96, -69, 85, 81, 16, -36, 80, -102, 95, -20, 110, 36, -11};  

Page 51: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

App  3  –  root  detecLon  private boolean deviceRoot(){ try{

Runtime.getRuntime().exec("su"); return true; } catch (IOException localIOException){ return false; } }

Page 52: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

App  3  –  CircumvenLng  root  detecLon  

•  Not  necessary  

Page 53: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

App  4    –  Another  root  detecLon  

public static boolean isDeviceRooted(){ File f = new File(“/system/sbin/su”) return f.exists()

}  

Page 54: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

App  4  -­‐  Removing  root  detecLon  me$ java -jar apktool.jar d app.apk source […] me$ sed -i "" 's/system\/sbin\/su/system\/sbin\/CEW1PFSLK/g' source/smali/net/example/checks.smali me$ java -jar apktool.jar b source/ fake.apk […] me$ keytool -genkey -alias someone -validity 100000 -keystore someone.keystore […] me$ jarsigner -keystore someone.keystore fake.apk someone me$ adb install fake.apk

Page 55: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

App  4  –  Was  that  a  good  method  to  remove  the  root  detecLon?  

•  Altering  the  app  – No  updates  

•  We  only  want  to  fail  that  simple  check  

Page 56: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

App  4  -­‐  Prevent  root  detecLon  

me$ adb shell $ su # cd /system/bin/; mount -o remount,rw -o rootfs rootfs /; mount -o remount,rw -o yaffs2 /dev/block/mtdblock3 /system # echo $PATH /sbin:/system/sbin:/system/bin:/system/xbin # mv /system/sbin/su /system/xbin/

root  stays  root!  

Page 57: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

A  special  secret  key  

•  445  apps  use  the  same  AES  key  – byte[]  a  =  {  10,  55,  -­‐112,  -­‐47,  -­‐6,  7,  11,  75,  -­‐7,  -­‐121,  121,  69,  80,  -­‐61,  15,  5  }  

Page 58: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Google  Ads  

•  Encrypt  last  known  locaLon  – All  locaLon  providers  (GPS,  Wifi,  ...)  

•  Send  via  the  „uule“  JSON  parameter  •  NoLfied  Google  on  the  23th  of  June  – No  response  yet  

•  To  be  honest  I  haven‘t  seen  the  „uule“  parameter  in  my  network  yet  

Page 59: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Google  Ads  

•  Why  didn‘t  they  use  asymmetric  crypto?  

Page 60: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Countermeasures  

•  Use  asymmetric  crypto  instead  of  symmetric  when  transfering  data  to  a  server  

•  Store  hashes/session  tokens  instead  of  passwords  

•  Good  obfuscaLon  is  Security  Through  Obscurity  

•  Pentest  your  apps  •  Know  the  limitaLons  –  root  stays  root  

Page 61: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

References  •  hOp://designora.com/graphics/android-­‐logo/  •  hOp://blog.duosecurity.com/2011/05/when-­‐angry-­‐birds-­‐aOack-­‐android-­‐ediLon/  •  hOp://jon.oberheide.org/blog/2011/03/07/how-­‐i-­‐almost-­‐won-­‐pwn2own-­‐via-­‐xss/  •  hOp://www.h-­‐online.com/open/news/item/Android-­‐apps-­‐send-­‐unencrypted-­‐authenLcaLon-­‐token-­‐1243968.html  •  hOps://www.infosecisland.com/blogview/13459-­‐Google-­‐Sued-­‐for-­‐SurrepLLous-­‐Android-­‐LocaLon-­‐Tracking.html  •  hOp://www.h-­‐online.com/open/news/item/Android-­‐malware-­‐acLvates-­‐itself-­‐through-­‐incoming-­‐calls-­‐1253807.html  •  hOp://www.slideshare.net/bsideslondon/bsideslondon-­‐spo#text-­‐version  •  hOps://www.hashdays.ch/assets/files/slides/burns_android_security_the%20fun%20details.pdf  •  hOps://theassurer.com/p/756.html  •  hOp://thomascannon.net/blog/2011/02/android-­‐lock-­‐screen-­‐bypass/  •  hOp://www.symantec.com/content/en/us/about/media/pdfs/symc_mobile_device_security_june2011.pdf?

om_ext_cid=biz_socmed_twiOer_facebook_marketwire_linkedin_2011Jun_worldwide_mobilesecuritywp  •  hOp://www.xkcd.com/898  •  hOp://www.madaxeman.com/general/2009/11/lost-­‐phone.html  •  hOp://thomascannon.net/projects/android-­‐reversing/  •  hOp://www.infsec.cs.uni-­‐saarland.de/projects/android-­‐vuln/  •  hOp://www.madaxeman.com/general/2009/11/lost-­‐phone.html  •  hOp://www.heise.de/mobil/meldung/Android-­‐verschickt-­‐SMS-­‐an-­‐falsche-­‐Empfaenger-­‐2-­‐Update-­‐1162685.html  •  hOp://blog.duosecurity.com/2011/09/android-­‐vulnerabiliLes-­‐and-­‐source-­‐barcelona/  

Page 62: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Thx!  

•  TwiOer:  floyd_ch  •  hOp://floyd.ch  

Page 63: Reversing)Android)Apps) - floyd · me$ java -jar apktool.jar b output-folder/ fake-app.apk […] me$ keytool -genkey -alias someone -validity 100000 - keystore someone.keystore […]

Signatures, etc. Network Security Gene Itkis Signature scheme: Formal definition GenKey Generation: Gen(1 k ) PK, SK SignSigning: Sign(SK, M)

KeyTool IUI - EJIE...KeyTool IUI Manual de usuario Fecha: Referencia: EJIE S.A. Mediterráneo, 3 Tel. 945 01 73 00* Fax. 945 01 73 01 01010 Vitoria-Gasteiz Posta-kutxatila / Apartado:

QQ--MMOONNIITTOORR 5.1.0 FOR V5transcat-plm.com/pub/tcsoft/qmonitor510/doc/Q-Monitor_5... · 2013. 6. 11. · ## client keystore (java keystore *.jks) containing the client certificate

Using mobile devices' hardware-backed keystore for ...Using mobile devices’ hardware-backed keystore for universal authentication Akos Szente (2094613s) April 22, 2018 ABSTRACT Mobile

Installation and Configuration Guidedocs-archive.clay-tablet.net/AEM/Clay_Tablet...6.1.9 Log Service 59 6.1.10 Agent Services 60 6.1.11 Encryption Keystore (Lionbridge Freeway and

IBM Developer Kit and Runtime Environment, Java Technology ... · Java's keytool and OpenSSL but IKeyMan will generate errors for keys where the password is different from the keystore

La clase “KeyStore” es fundamental para incorporar mecanismos …lmengual/DSSR/FIRMA_DSSR_AL_PN.pdf · ejemplo lo haremos accediendo al almacén desde el código java y firmando

Crave Masternode Setup Guide v1.06 Contents - Wait for 1 confirmation of the transaction and go to Tools >> Debug Console 6 - Run command "masternode genkey" and copy down …

ภาคผนวก - Siam University · 2018-11-01 · 57 วิธีหำ Debug Keystore OS X หรือ Linux ~/.android/debug.keystore Windows C:\Users\\.android\debug.keystore

Keytool and Certificate Management

Oracle Weblogic Configuration Oracle FLEXCUBE Universal ... · In Java, a keystore is a ‘java.security.KeyStore’ instance that you can create and manipulate using the keytool

FUJITSU Cloud Service K5 API Management WebAPI …. Keystore/Truststore のCert ファイル詳細取得.....11 1.2.7. Keystore/Truststore のCert ファイルエクスポート.....12

Security at your Fingertips. A dive into Marshmallow's new fingerprint and keystore APIs

ONLY WOW - KeyStore

Sparx Systems Keystore Service User Guide - Enterprise Architect

Sparx Systems Keystore Services User Guide · Foreword The Sparx Systems Keystore Service is used to manage the registration keys issued with the Floating Licenses purchased for Enterprise

Produktbroschüre Samsung Knox - Vodafone.de€¦ · Samsung Knox nutzen: Wege zur mobilen Sicherheitslösung 15 Hohe Sicherheit des Android Keystore, unter-stützt gerätespezifische

Keytool, OpenSSL und Co. Wofür nehme ich was und Warum?

Delivering biometric elections - GenKey...GenKey 4 Identity for all All too often, biometric elections have been let down by poor quality data capture during voter registration, or

Types of ssl commands and keytool

Sparx Systems Keystore Services User Guide · 2017. 10. 19. · Foreword The Sparx Systems Keystore Service is used to manage the registration keys issued with the Floating Licenses

Managing TLS Certificate, KeyStore, and TrustStore Files€¦ · Managing TLS Certificate, KeyStore, and TrustStore Files ... Managing TLS Certificate, KeyStore, and TrustStore Files

Keytool and Certificate Management - eMedNY - update browser

The ARMs race to TrustZone - technologeeks.comtechnologeeks.com/files/TZ.pdf · Android uses of TrustZone • Cryptographic hardware backing (keystore, gatekeeper) – Key generation,

UNLOCK REMOTE CONTROL | WIRING DIAGRAMkeytectools.com/img/cms/VVDI-KEYTOOL-DIAGRAMAS (2).pdf- 12 - CHRYSLER TABLETA TABLETA MARCA CHIP KOBOT04A CHRYSLER 7961 2007-2009 Chrysler Aspen

Certificate Management or - MQ Technical Conferencemqtechconference.com/sessions_v2013/MQTC2013_Wy… ·  · 2013-09-26Why Certificate Management? ... GSKit, Keytool & OpenSSL

Présentation KeyTool IUI

TIBCO BusinessWorks. Generating the key You will have to create a certificate as you own the server. The ‘Keytool’ is a utility provided in the

MSc System and Network Engineering - de Laata hardware-backed Keystore service to the Android OS [15]. The Keystore consists of multiple components, two of which are [16]: 1.Keymaster

Java, J2EE, Tomcat, JBossbodik/doc/bodik-j2ee-15.pdf– javac kompilátor – keytool správce klíčů a certifikátů – jps výpis procesů – jstat výpis stavu procesů

UNHCR: INNOVATIVE IDENTITY MANAGEMENT SYSTEM USES ... · Smart Search & Match, Green Bit, GenKey, Warwick Warp, IriTech, SmartSensors and Cognitec. BIMS was designed to work in conjunction

Locksmith: Secure Android Keystore Based on Virtualized

Breaking Into the KeyStore: A Practical Forgery Attack ... Into the KeyStore 3 meet special needs. The particularity of our work is that we use advanced secu-rity notions, such as

Enterprise PeopleTools 8.51 PeopleBook: Integration Broker ... · Encrypting Keystore Passwords for WS-Security ... Implementing Web Server SSL/TLS ... Understanding Implementing

Creating a keystore for plugin signing the easy way