Android Device Testing Framework
Blackhat USA 2014 Arsenal
Jake Valletta
August 07, 2014
https://github.com/jakev/dtf
Who Am I
• Consultant at Mandiant/FireEye
• Mobile security research and tool development
– www.thecobraden.com/projects/
– www.github.com/jakev/
• @jake_valletta
What is dtf?
• “Android Device Testing Framework”
– Modular and extendable
• Written in Python and Bash
• Not a vulnerability scanner
• Think of it as “lead generation”
• Someone hands you a phone
– Where are the vulnerabilities?
Example Vulnerabilities
• Information disclosure
– Can a malicious application or user “pillage” system or personal data?
• Privilege escalation
– Can a malicious application or user escalate their privileges on the device?
• Denial of service
– Can a malicious application cause denial-of-service-like conditions on a device?
What it does Out of the Box
• Not much.
• Provides project management
• Package installer and module support
– Modules perform all the exciting functionality!
– dtf <module_name>
Modules?
• Python or Bash scripts
• I’ll be releasing my collection of modules for testing
• Can also write your own
My Modules…
• Collect information from device
• Unpack data and process into databases
• Provide APIs and modules to interact with the data
– Collected: APK files, framework files, binaries, system libraries
– Processing: disassemble DEX, decode manifests, unpack resources
– Databases: sysapps.db, frameworks.db, dev.db, services.db, appdexdbs/*.db, frameworkdexdbs/*.db
What’s the Goal?
• Rapidly answer the questions:
– What changed in Android Open-Source Project (AOSP) applications?
– What is exposed in new OEM/carrier applications?
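The "decode manifests, load a database, ask what is newly exposed" flow above, as an added example that is not dtf's own code: the `components` table, the image labels and the `com.example.*` manifests are constructed for illustration and do not reflect the schema of the databases named on the slide.

```python
import sqlite3
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
HEAD = '<manifest xmlns:android="http://schemas.android.com/apk/res/android" package='
# Constructed decoded manifests (hypothetical packages), one list per system image.
BASELINE = [HEAD + '''"com.example.settings"><application>
  <activity android:name=".Main"><intent-filter/></activity>
</application></manifest>''']
OEM = [HEAD + '''"com.example.settings"><application>
  <activity android:name=".Main"><intent-filter/></activity>
  <service android:name=".DebugService" android:exported="true"/>
</application></manifest>''', HEAD + '''"com.example.oem.diag"><application>
  <receiver android:name=".Boot" android:exported="false"><intent-filter/></receiver>
  <provider android:name=".Logs" android:exported="true"
            android:permission="com.example.oem.READ_LOGS"/>
</application></manifest>''']

def exported_components(manifest_xml):
    """Yield (package, type, name, permission) for externally reachable components."""
    root = ET.fromstring(manifest_xml)
    for comp in root.iterfind("application/*"):
        flag = comp.get(NS + "exported")
        # No explicit flag: an intent-filter makes the component exported. Providers
        # targeting API 16 or lower also default to exported; not modelled here.
        exported = flag == "true" if flag else comp.find("intent-filter") is not None
        if exported and comp.tag in ("activity", "service", "receiver", "provider"):
            yield (root.get("package"), comp.tag, comp.get(NS + "name"),
                   comp.get(NS + "permission"))

def load(db, image, manifests):
    db.execute("CREATE TABLE IF NOT EXISTS components "
               "(image, package, type, name, permission)")
    for xml in manifests:
        db.executemany("INSERT INTO components VALUES (?,?,?,?,?)",
                       [(image,) + row for row in exported_components(xml)])

def new_exposure(db, baseline, target):
    """Exported components in `target` that `baseline` lacks, unprotected first."""
    return db.execute(
        "SELECT t.package, t.type, t.name, t.permission FROM components t "
        "WHERE t.image = ? AND NOT EXISTS (SELECT 1 FROM components b "
        "WHERE b.image = ? AND b.package = t.package AND b.name = t.name) "
        "ORDER BY t.permission IS NOT NULL, t.package", (target, baseline)).fetchall()

def demo():
    db = sqlite3.connect(":memory:")
    load(db, "aosp", BASELINE)
    load(db, "oem", OEM)
    return new_exposure(db, "aosp", "oem")
```

Rows with no `permission` sort first because any installed application can reach those components, which makes them the leads to review before the permission-guarded ones.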
Blackhat Setup
• Two test devices
– ZTE Open C with ZTE Kit Kat 4.4.2
– Amazon Kindle HD with “FireOS 3.0”
• Physical access
• USB Debugging enabled
• No root access
Demos!
Closing Thoughts
• Device OEMs and carriers have a lot to learn
– 1999 style issues
• Issues are extremely apparent, given the correct tools
• Be careful how much trust you put in your device!
Future Plans
• Remove Bash dependency
• Cross-platform support
• Continue to release modules and expand functionality
– More automation?
– GUI?
Questions?
https://github.com/jakev/dtf
Contact
• Twitter: @jake_valletta
• Email: [email protected]
• Site: www.thecobraden.com
• Blog: blog.thecobraden.com
• GitHub: www.github.com/jakev/dtf
Thanks!
https://github.com/jakev/dtf