BuyMeACoffee
Edit

Introduction

Courses

Free

LogoTryHackMe | Android Hacking 101TryHackMe
LogoGitHub - ashishb/android-security-awesome: A collection of android security related resourcesGitHub
LogoAndroid App PentestSecurity Workbook on Pentesting
LogoMobileHackingCheatSheet/Mobile_Hacking_Android_cheatsheet_v1.0.pdf at master · randorisec/MobileHackingCheatSheetGitHub
Logo0x01-ForewordMobile Security Testing Guide

Non-Free

LogoAndroid Hacking And Penetration TestingUdemy

Labs

Complete

LogoGitHub - t0thkr1s/allsafe: Intentionally vulnerable Android application.GitHub
LogoGitHub - hafiz-ng/Beetlebug: Beetlebug is an open source insecure Android application with CTF challenges built for Android Penetration Testers and Bug Bounty hunters.GitHub

Precise

LogoGitHub - t4kemyh4nd/vulnwebview: Intentionally vulnerable webview implementions in AndroidGitHub

Easy

LogoGitHub - dineshshetty/Android-InsecureBankv2: Vulnerable Android application for developers and security enthusiasts to learn about Android insecuritiesGitHub
LogoGitHub - payatu/diva-android: DIVA Android - Damn Insecure and vulnerable App for AndroidGitHub
LogoGitHub - B3nac/InjuredAndroid: A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.GitHub
LogoGitHub - rewanthtammana/Damn-Vulnerable-Bank: Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.GitHub
LogoGitHub - logicalhacking/DVHMA: Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.GitHub
LogoGitHub - hax0rgb/InsecureShop: An Intentionally designed Vulnerable Android Application built in Kotlin.GitHub
LogoGitHub - dan7800/VulnerableAndroidAppOracleGitHub

To Know

About Android Security Model

Two distinct layers to Android Security model.

1. Implemented in the OS, and isolates installed app from one another

  • Each app has a specific UID, dynamically assigned.

  • An app can only access its UID files and no other (except if shared by another app or OS)

  • Each App runs as a separate process under a sperate UID

  • Prior to Android 4.3 = the only thing that was isolating apps = if root compromised entire system was compromised

  • Starting from Android 4.3 = SELinux

  • SELinux denies all process interaction + create policies to allow only expected applications

2. Security of an App itself (made by the developers)

  • The dev can selectively expose certain app functions to other apps

  • Configures App capabilities

  • All apps are in the /data/data folder (except if modified in manifest by dev)

  • The permissions declared in the manifest will be translated in permissions in the file system.

About Apps

Structure

An Android App comprises two main elements:

  1. The program's core functionality, written in Java code or Kotlin (official language today)

  2. The XML files that specify various configurations, including string values and the app's identity.

Types

Native: They are those developed applications only and exclusively for mobile operating systems, either Android or IOS. In Android you use the Java or Kotlin programming language, while in IOS you make use of Swift or Objective-C. These programming languages are the official ones for the respective operating systems.

Hybrid: These applications use technologies such as HTML, CSS and JavaScript, all of these linked and processed through frameworks such as Apache Córdova "PhoneGap", Ionic, among others.

Directories

App directories in device

/data/data/<package_name>. By default, the apps databases, settings, and all other data go here.

  • databases/: here go the app's databases

  • lib/: libraries and helpers for the app

  • files/: other related files

  • shared_prefs/: preferences and settings

  • cache/: well, caches

APK Anatomy

When decompiled :

  • AndroidManifest.xml: contains the application’s package name, access rights, referenced libraries as well as other metadata.

  • classes.dex: contains the application source code compiled in .dex file format.

  • resources.arsc: contains the application’s precompiled resources.

  • res/ : contains the application's resources not compiled into resources.arsc.

  • lib/ : contains compiled code that is platform-dependent. Each sub-directory in lib/ contains the specific source code for respective processors.

  • assets/ : contains the application’s assets.

  • META-INF/ : contains the MANIFEST.MF file, which stores metadata about the application. It also contains the certificate and signature of the APK.

PreviousAndroidNextReversing

Last updated

Was this helpful?