Book Image

Android Security Cookbook

Book Image

Android Security Cookbook

Overview of this book

Android Security Cookbook discusses many common vulnerabilities and security related shortcomings in Android applications and operating systems. The book breaks down and enumerates the processes used to exploit and remediate these vulnerabilities in the form of detailed recipes and walkthroughs. The book also teaches readers to use an Android Security Assessment Framework called Drozer and how to develop plugins to customize the framework. Other topics covered include how to reverse-engineer Android applications to find common vulnerabilities, and how to find common memory corruption vulnerabilities on ARM devices. In terms of application protection this book will show various hardening techniques to protect application components, the data stored, secure networking. In summary, Android Security Cookbook provides a practical analysis into many areas of Android application and operating system security and gives the reader the required skills to analyze the security of their Android devices.
Table of Contents (16 chapters)
Android Security Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

Introduction


So far we've covered most of the high-level aspects of applications on the Android platform; this chapter focuses on the some of the native aspects—everything supporting the application layer components. The native aspects include the system daemons, the binary executables—compiled specifically for the system architecture—and the components of the filesystem and device-level configurations. Any of these aspects of the Android system may cause security vulnerabilities and enable privilege escalation on Android devices—especially smartphones—and thus they cannot be looked over in a complete security review of an Android system.

This chapter also covers how to pick up some basic memory corruption exploitation flaws. However, please note that this chapter does not cover all of the known memory exploitation styles and techniques. But what is covered is enough to allow you to learn how to implement most of the others on your own. This chapter also includes good articles and sources...