Hacking Android.
Explore every nook and cranny of the Android OS to modify your device and guard it against security threats. About This Book: Understand and counteract offensive security threats to your applications; Maximize your device's power and potential to suit your needs and curiosity; See exactly ho...
Classification: | Electronic Book |
---|---|
Main author: | |
Format: | Electronic eBook |
Language: | English |
Published: | Packt Publishing, 2016. |
Edition: | 1. |
Subjects: | |
Online access: | Full text |
Table of Contents:
- Cover; Copyright; Credits; About the Authors; About the Reviewer; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Setting Up the Lab; Installing the required tools; Java; Android Studio; Setting up an AVD; Real device; Apktool; Dex2jar/JD-GUI; Burp Suite; Configuring the AVD; Drozer; Prerequisites; QARK (No support for windows); Getting ready; Advanced REST Client for Chrome; Droid Explorer; Cydia Substrate and Introspy; SQLite browser; Frida; Setting up Frida server; Setting up frida-client; Vulnerable apps; Kali Linux; ADB Primer; Checking for connected devices; Getting a shell.
- Listing the packages; Pushing files to the device; Pulling files from the device; Installing apps using adb; Troubleshooting adb connections; Summary; Chapter 2: Android Rooting; What is rooting?; Why would we root a device?; Advantages of rooting; Unlimited control over the device; Installing additional apps; More features and customization; Disadvantages of rooting; It compromises the security of your device; Bricking your device; Voids warranty; Locked and unlocked boot loaders; Determining boot loader unlock status on Sony devices.
- Unlocking boot loader on Sony through a vendor specified method; Rooting unlocked boot loaders on a Samsung device; Stock recovery and Custom recovery; Prerequisites; Rooting Process and Custom ROM installation; Installing recovery softwares; Using Odin; Using Heimdall; Rooting a Samsung Note 2; Flashing the Custom ROM to the phone; Summary; Chapter 3: Fundamental Building Blocks of Android Apps; Basics of Android apps; Android app structure; How to get an APK file?; Storage location of APK files; /data/app/; /system/app/; /data/app-private/; Android app components; Activities; Services.
- Broadcast receivers; Content providers; Android app build process; Building DEX files from the command line; What happens when an app is run?; ART - the new Android Runtime; Understanding app sandboxing; UID per app; App sandboxing; Is there a way to break out of this sandbox?; Summary; Chapter 4: Overview of Attacking Android Apps; Introduction to Android apps; Web Based apps; Native apps; Hybrid apps; Understanding the app's attack surface; Mobile application architecture; Threats at the client side; Threats at the backend; Guidelines for testing and securing mobile apps.
- OWASP Top 10 Mobile Risks (2014); M1: Weak Server-Side Controls; M2: Insecure Data Storage; M3: Insufficient Transport Layer Protection; M4: Unintended Data Leakage; M5: Poor Authorization and Authentication; M6: Broken Cryptography; M7: Client-Side Injection; M8: Security Decisions via Untrusted Inputs; M9: Improper Session Handling; M10: Lack of Binary Protections; Automated tools; Drozer; Performing Android security assessments with Drozer; Installing testapp.apk; Listing out all the modules; Retrieving package information; Identifying the attack surface.