This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Join us at OWASP AppSec APAC 2014 !!
View analytic
Thursday, March 20 • 11:40am - 12:30pm
Android にプリインストールされたアプリの改ざん / Preinstalled Android application poisoning

Sign up or log in to save this to your schedule and see who's attending!

また、これらの改ざん手法はAndroid SDKで提供されるdexdumpとバイナリエディタを使用するだけで誰でも簡単に実行できます。
※改ざん手法の一部は下記の発表実績に記載しているOWASP Japan 1st Local Chapter Meetingで紹介しています。

The recent method of hackers using apk-tool etc. to alter preinstalled Android applications for the purpose of research has up until now required numerous steps including downloading, deploying, altering, re-packaging, re-signing and installing the app which leads to some features failing to function properly and problems such as not being able to overwrite the altered application.  It is here that I would like to share a new approach that I discovered which directly alters the binary (odex file) on the Android cache.

Although odex file construction is explained on numerous sites including sites from Google, this novel approach not widely known directly alters odex files.  Not only does eliminating the need to deploy and re-sign the app eliminate the risk of the function failing to function properly while at the same time making alterations possible, since this can accomplished using a binary editor and dexdump found on Android SDK, this method can be used easily by anyone.  The explanations plans to feature demonstrations of altering a preinstalled app and analyzing the log results as well as demonstrating an MITM attack using a Facebook app with a poisoned URL link.

avatar for 加藤 義登 / Yoshitaka Kato

加藤 義登 / Yoshitaka Kato

Senior Security Consultant, Hewlett-Packard Japan, Ltd.
日本ヒューレット・パッカード株式会社 エンタープライズセキュリティサービス本部に所属。ヒューレット・パッカード社でグローバルに展開されているペネトレーションテスト、インシデントレスポンスサービスのAPJ担当をしています。Web... Read More →

Thursday March 20, 2014 11:40am - 12:30pm
Secure Your Site Hall(HALL WEST)

Attendees (4)