Android Tamer
A presentation at ClubHack 2011 in in Pune, Maharashtra, India by Anant Shrivastava
Android Tamer By Anant Shrivastava http://anantshri.info
Agenda ● Android and Security ● Tool set available Right Now ● Android Tamer VM ● ● Source Code Analysis ● Application Development ● Security Analysis Applications ● ROM analysis ● Code Injection Demo’s 2
Android +40% Phone Market ● +10% Tablet Market ● Manufacturer support : LG,Samsung,SE & more ● Supported by Google ● Linux Based ● 3
Why Security Review ● Emerging Market. ● Smart phones. ● Easily acessible ● Emerging Target for malware distribution. ● Simply Put whole PC malacious life cycle is getting repeated in Mobile Domain 4
How and What to perform ● ● We Need to perform ● Application / Platform / Protocol Testing ● Malacious Apps / website testing ● Rom Analysis / Modification How We perform ● Setup toolset on every machine and still no standards. 5
What’s the solution ● Define Some standards. ● ● OWASP is working on it. Design some ToolKit ● Basically we need BT style toolkit for android. 6
Presenting Android Tamer 7
What is Android Tamer ● VM environment Giving you the freedom to perform ● Application Pentesting ● Malware Analysis ● Rom Modification (Core + kernel) ● ROM Analysis ● App / Malware / Native Code Development 8
Salient Features ● Based on Ubuntu 10.04 LTS ● All non needed software removed. ● Minimum mix of foreign repositories to avoid upgrade issues. ● Not just tool dump but integrated solution. ● Browser bookmarks. ● Tamer Repository configured to avoid re-download of complete VDI image. (contains only one package as of now) 9
Tools : Application Pentesting ● OWASP ZAP ● TSOCK Proxy ● Emulator configured with ZAP certificate. ● Custom Link Given to launch specific AVD. ● DDMS configured 10
Tools : Malware Analysis ● DroidBox ● APKInspector ● Apktool ● Dex2jar /JAD / DED / JD-GUI ● Smali / baksmali ● androguard 11
Tools : ROM Analysis / Modification ● DSIXDA Android Kitchen ● Unyaffs2 ● Split_bootimg ● DDMS ● Refer Tools : Development and Malware analysis 12
Tools : Development ● Eclipse + ADT ● NDK ● CodeSourcery C++ lite ● ARM DS-5 CE 13
Tools : Rooting tools ● ● Scripts ● Rageinthecage ● Psneuter ● Gingerbreak ● ZergRush APK’s ● Z4root ● Superoneclick ● Universal Androot Note : tools provided AS-IS, usage is a responsibility of USER 14
Important Links https://sourceforge.net/p/androidtamer/ 15
Future ● ● ● ● Plan to keep it going. Applications will be distributed using Tamer Repository (preconfigured) Tools and Categories to add ● Agnitio: Source code review ● Forensics Section. If you know some other cool tools that could be added send in a mail. 16
About Me Anant Shrivastava CEH, RHCE Interested in Android, Linux, Web 2.0 Member of Null and G4H Email : anant@anantshri.info ●Web : http://anantshri.info ●Blog : http://blog.anantshri.info ●
Android is emerging as a leading mobile brand however, with rise of any system also rises the misuse, and so we need a security tool to keep a check on stuff. This presentation will look at the available toolset for security professionals and will introduce some new combinations in a consolidated form of a VM environment. This will be a one stop tool required to perform any kind of operations on Android devices / applications / network, be it forensic evaluation or source code review or software security testing or customizing ROM with pre embedded stuff. everything is provided in a single package. More usages will include malware analysis along with review check of new applications inside a controlled environment. Environment will be bundled with eclipse, droiddraw, gingerbread source code. And most of the well known security tools in one single package. You can call it swiss army knife for android security.
Video
Buzz and feedback
Here’s what was said about this presentation on social media.
