Book Image

Android Security Cookbook

Book Image

Android Security Cookbook

Overview of this book

Android Security Cookbook discusses many common vulnerabilities and security related shortcomings in Android applications and operating systems. The book breaks down and enumerates the processes used to exploit and remediate these vulnerabilities in the form of detailed recipes and walkthroughs. The book also teaches readers to use an Android Security Assessment Framework called Drozer and how to develop plugins to customize the framework. Other topics covered include how to reverse-engineer Android applications to find common vulnerabilities, and how to find common memory corruption vulnerabilities on ARM devices. In terms of application protection this book will show various hardening techniques to protect application components, the data stored, secure networking. In summary, Android Security Cookbook provides a practical analysis into many areas of Android application and operating system security and gives the reader the required skills to analyze the security of their Android devices.
Table of Contents (16 chapters)
Android Security Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

Extracting application resources via ADB


The following recipe shows you how to do some snooping on your Android applications. Namely, find out what kind of data structures they are using to store important information and what kind of information they are storing, for example, high scores, passwords, contacts, and e-mails. Besides allowing you to set your high score to a negative number, this is an effective way for you to influence application behavior from its backend. It also gives you a perspective on how applications protect their users' data, for example, is the data encrypted? How is it encrypted? Does the application protect the integrity of the user data? It also makes for a very useful skill when reverse engineering and assessing application security.

Getting ready

Unfortunately for this one, you will need either a "rooted" phone or an emulator, because you already have root access on emulated devices.

If you want to get access to the resources of other apps, you will need root permissions...