PacktLib: Android Security Cookbook

Android Security Cookbook


About the Authors

About the Reviewers


Android Development Tools


Installing the Android Development Tools (ADT)

Installing the Java Development Kit (JDK)

Updating the API sources

Alternative installation of the ADT

Installing the Native Development Kit (NDK)

Emulating Android

Creating Android Virtual Devices (AVDs)

Using the Android Debug Bridge (ADB) to interact with the AVDs

Copying files off/onto an AVD

Installing applications onto the AVDs via ADB

Engaging with Application Security


Inspecting application certificates and signatures

Signing Android applications

Verifying application signatures

Inspecting the AndroidManifest.xml file

Interacting with the activity manager via ADB

Extracting application resources via ADB

Android Security Assessment Tools


Installing and setting up Santoku

Setting up drozer

Running a drozer session

Enumerating installed packages

Enumerating activities

Enumerating content providers

Enumerating services

Enumerating broadcast receivers

Determining application attack surfaces

Launching activities

Writing a drozer module – a device enumeration module

Writing an application certificate enumerator

Exploiting Applications


Information disclosure via logcat

Inspecting network traffic

Passive intent sniffing via the activity manager

Attacking services

Attacking broadcast receivers

Enumerating vulnerable content providers

Extracting data from vulnerable content providers

Inserting data into content providers

Enumerating SQL-injection vulnerable content providers

Exploiting debuggable applications

Man-in-the-middle attacks on applications

Protecting Applications


Securing application components

Protecting components with custom permissions

Protecting content provider paths

Defending against the SQL-injection attack

Application signature verification (anti-tamper)

Tamper protection by detecting the installer, emulator, and debug flag

Removing all log messages with ProGuard

Advanced code obfuscation with DexGuard

Reverse Engineering Applications


Compiling from Java to DEX

Decompiling DEX files

Interpreting the Dalvik bytecode

Decompiling DEX to Java

Decompiling the application's native libraries

Debugging the Android processes using the GDB server

Secure Networking


Validating self-signed SSL certificates

Using StrongTrustManager from the OnionKit library

SSL pinning

Native Exploitation and Analysis


Inspecting file permissions

Cross-compiling native executables

Exploitation of race condition vulnerabilities

Stack memory corruption exploitation

Automated native Android fuzzing

Encryption and Developing Device Administration Policies


Using cryptography libraries

Generating a symmetric encryption key

Securing SharedPreferences data

Password-based encryption

Encrypting a database with SQLCipher

Android KeyStore provider

Setting up device administration policies