Scripting Android Applications

Presented at THOTCON 0x4 (2013), April 26, 2013, 3 p.m. (25 minutes).

This will be a walk-through presentation on dynamic exploration of Android apps using JRuby. We'll give an overview of the entire process, beginning with tools to disassemble the package, followed by a crash course in understanding smali disassembly, modifying, and rebuilding APKs. Finishing up with a tutorial on running code from a targeted android package within a jruby session and a discussion on what this allows us to do, such as access APIs restricted to mobile only, extraction of secret keys, and bypassing/calling custom crypto routines. We'll conclude with discussion of popular obfuscation techniques that reversers are likely to encounter when performing this work, and a few quick dives into popular apps to show audience members what to expect.

Presenters:

• Daniel Peck
  Peck is a Research Scientist at Barracuda Labs at Barracuda Networks. He's interested in studying the security implications of and malicious messaging on social networks, and industrial control systems, and reverse engineering. He has a Bachelors of Science in Computer Science from the Georgia Institute of Technology.

Similar Presentations:

• Black Hat USA 2013 / Abusing Web APIs Through Scripted Android Applications
• AppSec USA 2013 / All the network is a stage, and the APKs merely players: Scripting Android Applications
• VB2017 / Android reverse engineering tools: not the usual suspects