Reverse Engineering Apps. A Primer

Share if the site was helpful

Reverse Engineering Apps.  A Primer

Reverse engineering is a pretty cool concept.  Someone builds something, you want to see how they did it, so you take it apart and see how it was put together in the first place.   It can be a great way to learn, and it pushes technological progress forward.  But there’s also a dangerous side to it.

Reverse engineering done with malicious intent can lead to copyright infringement or other damages.  It’s a fine line to walk on for what is ethical and what isn’t, and that doesn’t change inside of the Android world.  In here reverse engineering is common and developers should always account for it when building apps to make sure they’re taking necessary precautions.

The term for reverse engineering an app is “decompiling”, and what you’re decompiling is an APK (Android Package Kit).   This is essentially just a .zip file that stores our apps code.  You build an APK when you compile your code and use that APK to upload the app onto the Google Play Store.  This is then what users around the world download onto their devices.  And if they’re tech-savvy enough, they can open up this APK and see what’s inside.

Why Decompile?

Let’s take a second to think about a couple reasons why we would want to decompile our APKs.  One possibility is that we’ve misplaced our source code and are hoping to recover it.  If this was the case then we could decompile our app from a phone it was already on. Note that this has its limitations as the decompiled code will not be the exact same as the original.  Some parts will be lost along the way, so make sure you save your code on Github!

Another possible reason for decompiling an app would be to evaluate its security.  If you’re able to see things you want to keep private simply by decompiling an app, other people can too.  And chances are they won’t always be decompiling for education purposes.  I’ll be following up on this blog shortly with another one going more in depth on how to properly hide secrets in your apps.

And of course there’s always decompiling for modding purposes. If you reverse engineer an app and put it back together how you want then you can add new features or customize how things behave.  Here’s where I throw in a disclaimer that you should make sure you’re a law abiding citizen while doing these things.  Lots of companies/developers would be very unhappy to hear that someone is decompiling their apps to make monetary gains.

How To Decompile?

The good news is that if you want to decompile apps on your own, you absolutely can!  You’ll need to download a popular tool known as apktool, and also make sure you have java set up on your computer.    Here’s an great video showing how to use apktool to theme and edit android apps.

 

Want to know more about decompiling apps?  Don’t worry we’ll be writing lots more on it soon, but in the mean time let us know what you want to know in the comments below!

Android Security Is Still Secure. Seriously.

Share if the site was helpful

Android Security Is Still Secure. Seriously.

There’s been a lot of media hype this past month about Android phones and their lack of security.  Headlines such as “How Android Phones Hide Missed Security Updates From You” have been floating around causing mass panic.

Take a deep breath.  It’s ok.

Despite the plethora of recent articles claiming that Android phones are under attack and that you’re a victim, chances are you’re actually safer than you think.  Yes there was a study earlier this month that found some phones were behind on their security updates.  But that doesn’t mean that all of your data is exposed to whoever wants to take it.  Even with a few security updates missing, you should be alright.  Let’s take a second to discuss some of the other security features that Android architecture has in place to protect you:

Google Play Protect

Google Play Protect is a safeguard to protect Android users from malicious apps.  Even with Google’s screening process to let apps onto the Play Store, chances are some baddies will slip through the cracks and are available for download.  Google Play Protect attempts to stop these apps in their tracks by doing routine scans on your phone for every app even after it’s been installed.  If there’s a cause for concern detected, you’ll be notified. 

This software also applies to apps updates, so the short version of it is that apps can’t just slide by once. As long as you have Play Protect enabled on your phone, apps are continuously exposed to it.  Chances are your phone already has Play Protect, but if you want to be sure (or just see what it’s been up to) you can find it in the Play Store.  Open the store and then tap the 3 horizontal bars menu icon.  Then select “Play Protect” and you’ll be taken to a page showing what apps have been scanned recently and how your device looks.

Sandboxing

Android apps are naturally sandboxed from one another.  What this means is that each apps data and code execution is isolated from others.  So if you happen to download the wrong app it doesn’t mean it will automatically have access to all of the apps already on your phone.  We go into depth about the android security framework in our Android development course over at Phonlab.  Content Providers offer a storage mechanism for apps so that their information has to be requested before it can become accessible to just anyone.

Android Permissions work along with this to make sure that no matter what if you have some common sense you should be safe.  Permissions essentially are requirements that if an app utilizes a certain feature (such as syncing with your contacts) it has to be granted permission by the user.

These permissions are presented to a user when the app attempts to access them, and are only allowed when the user says so.  You retain complete control over what access an app has.  Imagine you downloaded a game and it started asking you for access to your contacts and your saved media files.  Red flags should be going up right away since a game has no reason to use these.  As long as you don’t blindly hit accept to every permission, you retain a ton of control over what an app can actually do.

What are your thoughts on Android’s security measures?  Let us know in the comments below!

Anti-Hacking Tools for Android – 2017 Guide

Share if the site was helpful

Anti-Hacking Tools for Android – 2017 Guide

 

Android officially has the largest market share in the smartphone world and there is almost 1.5 billion people who use Android smartphone or tablet. This speaks volumes of the quality and affordability that Android offers to their users, but there are also problems and liabilities that always come with using widely popular brands.

Security is frequently one of the questions that come with using Android and this topic is always a matter of interest, especially if you’re using your Android devices for your work and some form of confidential data manipulation. We’ve decided to talk about anti-hacking tools that can make the breach of your security much more difficult for cybercriminals. In 2017, you can expect that there will be lots of new viruses and malware to look out for, so here are some tools to help you along the way.

AppLock

We all love using apps and while they’re incredibly useful, they can also serve as the back door through which hackers can slither through unnoticed. Too many people are still not careful enough about what they’re installing on their devices and whether those apps come from trusted sources and therein lies the problem. To put a stopper on having this problem (even potentially) is to secure your phone with an app that is specifically designed to lock all other apps. While your lock screen only protects you from the outside attacks, it doesn’t do much more for anything going on inside your phone and this is where AppLock takes center stage.

Once you’ve downloaded it, you are free to lock any app you feel should be protected – anything from Facebook to your email and bank accounts. By using this app, you’re making sure that no one but you will be able to touch your private information plus you will limit the access that apps have in your device, so you’re killing two birds with one stone.

Use High Quality Password Manager

Seeing that practically everything on the internet has to be protected by a password, you need to do your best to keep this aspect of your security in check. This isn’t necessarily easy, because you need strong passwords for every account you have, and that means complex words usually concocted with numbers and special characters. If this sounds like a lot of work, well, it is, but thankfully, you don’t have to keep it all in your head. There are some very good password managers like Zoho, LastPass and RoboForm that will do an excellent job in managing passwords for your numerous accounts. Not only that, but a password manager worth its salt will suggest how to make your passwords more secure and give you additional tips on how to protect your privacy even more. You are also able to keep in check any personal information you have and protect your usernames as well.

Encrypt Everything with a VPN

Privacy when you’re using your Android device is equally important as when you’re using your desktop computer or laptop, though we often forget this. Smartphones are quite vulnerable to security breaches and one of the best ways to prevent that from happening is to encrypt both the data on your phone and your internet connection. Whenever you’re connected to a public network, you’re in danger of catching a virus or having a hacker on your tail, and virtual private networks simply erase this problem. Good VPN providers like Nord VPN can provide you with military level encryption for your Android device, so that hackers can’t harm your privacy in any way. Talking about anti-hacking tools, when you want to encrypt some very important files on your device, there are great encryption apps that you can use and that are also free, so that you don’t have to spend a lot of money on your Android security.

Use Security Software You Know Is Good

Long gone are the times when you could just pick any antivirus and be set when it comes to security. Android devices need to be protected with strong antivirus software because while it’s the most versatile platform, it is also most prone to small, pesky security issues like spyware and viruses. Depending on what kind of an internet user you are and how much sensitive information you’re managing on your device, you need to find antivirus that suits your needs. Sure, there are some great free version like Avira, Avast and Panda, but if you need stronger security that includes anti-spam, antimalware and functioning firewall, then you will have to pay to get all-encompassing protection. You may not pay it gladly, but online security is scarce these days, and paying a couple of bucks a month is more than acceptable for the peace of mind you’re getting in return.

Get Email Encryption Software

Email scams are still very much a thing, even though many of us believe that we wouldn’t fall for that. While you’ve got your security software to protect you against spamming and phishing, it would be wise to encrypt your emails in general. A lot of sensitive details are conveyed via email and chances are you don’t want your mail to get into wrong hands. If hackers get into your email, they can take advantage of your address book and spam all your friends and colleagues, which never ends well. Software like Data Motion and HP Secure Wall have proven their worth over time, which is why it’s worth given them a shot.

Anti-hacking tools for Android abound these days and all you have to do is take your pick. Of course, it’s very important for you to be wary as well and know what not to do when browsing the internet because no anti-hacking tool will help you unless you always remain security aware. What apps and security software do you use? Please comment and share your opinion. – Thomas Milva

 

Thomas Milva is 28, he lives in Baton Rouge and is a dedicated Analyst of Information Security, which is why he moved to Baton Rouge, where he lives now and he loves it.  He’s got Italian ancestry and is very fond of his pets, Reggie the dog and his two goldfish. Thomas mostly works from home, which is why he’s contemplating of adopting another dog.

 

Quadrooter Qualcomm Exploit

Share if the site was helpful

Quadrooter Qualcomm Exploit

Quadrooter-vulnerability-affects-nearly-1-billion-Snapdragon-powered-Android-devices

QuadRooter sounds like another serious Android security exploit. One which can apparently allow a malicious app to gain root access on Qualcomm based Android phones and tablets, enabling the app to then do pretty much what it pleases. According to Check Point, the research group that discovered QuadRooter, up to 900 million Qualcomm Android devices could be affected. This exploit targets the Qualcomm drivers which is why it is specific to this hardware. As of the Augusts 1st security update Google has patched 3 of the 4 vulnerabilities and will patch the last one in the September 1st update. To keep your device safe from these bugs it is always bests to stay on top of your security updates. One of the best ways to protect your phone from malicious software is to only download apps from google play or trusted sources.

quadrooter-scanner

If you want to check and see if your device can possible be vulnerable to this threat then you can download and run QuadRooter Scanner by check pointPersonally I am hoping that a developer can figure out this exploit and use it to get many android users root access. I am sure someone can create a app that gets root then injects supersu and su binary into the device. If you are hoping for the same I recommend not updating to new security patches and give the developers some time to get devices root access. 

I wouldn’t be surprise to see this QuadRooter vulnerability implemented into Kingroot app some time soon, as it would make there app unstoppable on Android devices. What do you think about this bug please comment below and let me know.

RootJunky

 

PhonLab E-Campus

Share if the site was helpful

PhonLab E-Campus

 

I have teamed up with MJ Nale an experts in Android smartphone repairs and support and the owner of Android Hawaii. A repair shop in you guessed it Hawaii. There is also a physical campus in Honolulu if you are looking to take classes with a instructor or two.  PhonLab E-Campus is a online SmartPhone service course to teach repair centers and cellphone shops how to fix firmware problems on phones along with many other security and IMEI fixes. We are working hard to create one of the best online lesson based course around. The concept behind this class is to keep adding to it as technology changes to stay up to date. As part of the class you will have access to our files and the ability to request an instructors assistance with your lessons. You can also request new content to be added. we will do the hard part to figure it all out then bring it to the students in easy to follow video and written tutorial.

If this sounds like just what you are looking for or you really just want to learn something new then sign up here PhonLab.teachable.com and you can get a nice discount at check out by using coupon code rootjunky9. NOTE might need to be in caps like this ROOTJUNKY9

I look forward to seeing you there. Please comment on any lesson and I will be happy to help out.

If you aren’t interested in the class please consider becoming an affiliate and help us get the word out and make some extra cash for yourself as well. thanks 🙂 Affiliate signup here

RootJunky / E-campus instructor.

 

android stagefright exploit

Share if the site was helpful

What is Android stagefright exploit and how does it effect me? This is the question that everybody is asking so i will be trying to cover it in this post. First lets get an understanding of what StageFright is and can do to your device. StageFright is library or lib that has been around since Android 2.2 and is still being used in android 5.1.1 today. This is the reason that it is such a big exploit and called StageFright.

How does StageFright work?

The easiest way to hack into a device with StageFright is a video sent via MMS. which theoretically could be used as an avenue of attack through the libStageFright, which helps Android process video files. Many text messaging apps including Google’s Hangouts app automatically process that video so it’s ready for viewing as soon as you open the message, and so the attack theoretically could happen without you even knowing it. StageFright could also be exploited by installing a app that has the exploit in it or every by downloading a hacked video file that could run the exploit. If StageFright is implemented on your device the hacker can view and see everything that you do, bank accounts emails and more.

What can we do about it?

First you want to open your messaging app and go into settings and turn off AUTO RETRIEVE MMS. This will keep the a hack from happening automatically at least. You could still open a MMS and get it but that is still one more step that has to happen. Next don’t install apps from unknown sources, which really is always a good idea and last be careful on the Internet. Google will be working on a patch for this and pushing it out in ota updates soon. We all now how long ota updates can take so best to address this yourself.

More info

ASLR (Address Space Layout Randomization) is a method that keeps an attacker from reliably finding the function he or she wants to try and exploit by random arrangement of memory address spaces of a process. ASLR has been enabled in the default Linux Kernel since June 2005, and was added to Android with Version 4.0 (Ice Cream Sandwich). So if your device is android 4.0 and above you are much better protected.

My Thoughts

From what i have heard stagefright isnt a exploit that has been seen working in the wild just discovered by some researchers and not implemented in real world. Since it is already public I dont think that many hackers would spend the time working on it, if it is going to be patch soon anyway.

HERE you can find a StageFright detector app that is interesting but is going to tell you that you are vulnerable unless you have the latest cm12.1 installed which already has been patch for stagefright.