Explore
Register
Log in

Android Penetration Testing Part 4

A presentation at Android Penetration Testing Part 4 in March 2022 in India by Raja Nagori

Android Application Penetration Testing Raja Nagori

ANDROID ARCHITECTURE & WORKING OF APP

Android Fundamental • Based on LINUX Operating System • Commands like • ls • mv • cd • whoami • cp • etc

Android Runtime (ART) • ART is kind of a translation layer from application’s bytecode to device information. • For every application there is a own sandbox virtual machine. • Similarly, in the file system there is separate application system which is creating by new user for respective application.

Android Identity and Access Management • As each application has it’s own user. • Those user will assign an user ID which ranges from 10000 to 999999 ( like u0_a178 means UID is 10178) • Application 1 • /data/app/com.example.app – generic application data • /data/data/com.example.app – runtime storage data • /mnt/sdcard/Android/data/com.example.app – externally stored location for runtime • Application 2 • /data/app/com.example.app – generic application data • /data/data/com.example.app – runtime storage data • /mnt/sdcard/Android/data/com.example.app – externally stored location for runtime

Android Architecture • Layers of Android Architecture • Linux Kernel • Hardware Abstraction Layer • Libraries • Java API Framework • System Apps

Android Architecture Linux Kernel • Link • Support for different types of CPU in 32 bit and 64 bit architecture • Android Manifest file of each application mentioned the version of the Android using at that time. In short SDK version of the APK

Android Architecture Hardware Abstraction Layer • Layer allows to access the hardware component of the device • For example • QR code scan to initiate the payment process • To scan a document using the built in camera in mobile device. • If you using snapchat 😉then you allow the location to the application. • The NFC card again such a great service in TODAY’s devices • And many other things….

Android Architecture Native C/C++ Libraries • Webkit : A built in web browser for the application • For example any mutual fund application. • Media Framework • OpenGL and OpenMAX AL these are the UI framework for 2D and 3D model or design

Android Architecture Java API Framework • Basically it allow your application to interact with the other application or services running in your mobile devices • Content providers • Activity • Intent • Location • Package

Android Architecture System Apps • Well system application are those which is pre install in the mobile devices • Phone • Email or Gmail • Camera • Calendar • Etc

See you on next chapter of this series

Link for this presentation:

HTML code for embedding:

<p data-notist="raja80011/HpK5hN">View <a href="https://noti.st/raja80011/HpK5hN">Android Penetration Testing Part 4</a> on Notist.</p><script async src="https://on.notist.cloud/embed/002.js"></script>

Share on social media:

Tweet

Raja Nagori
@raja80011

1 / 12

MrBotcipher puts presentations on Notist

Notist

for free. You can too.

Video

Important stuff
Help & support
Terms of use
Privacy policy

And more
Pro accounts
Notist for teams
Credits

Elsewhere
Blog
Twitter
Newsletter