Index
A
- -alias tool / How it works...
- -a [action] / There's more...
- activities
- enumerating / Enumerating activities, There's more..., See also
- launching / Launching activities, How to do it..., How it works...
- activity manager
- interacting with, ADB used / Interacting with the activity manager via ADB, How to do it…, There's more...
- used, for intent sniffing / Passive intent sniffing via the activity manager, Getting ready, How to do it..., How it works...
- ADB
- about / Using the Android Debug Bridge (ADB) to interact with the AVDs, Interacting with the activity manager via ADB
- using, to interact with AVD / Using the Android Debug Bridge (ADB) to interact with the AVDs, There's more…
- applications, installing onto AVD / Installing applications onto the AVDs via ADB
- used, for activity manager interaction / Interacting with the activity manager via ADB, How to do it…, There's more...
- used, for application resource extracting / Extracting application resources via ADB, How to do it…, There's more...
- adb push command / How it works...
- Address Resolution Protocol (ARP) / How to do it...
- ADT
- about / Installing the Android Development Tools (ADT)
- installing / How to do it...
- alternative installations / How to do it...
- Advanced Encryption Standard (AES) encryption key / Generating a symmetric encryption key
- AES-GCM / There's more...
- allowClearUserData attribute / How it works...
- Android
- enabling / Emulating Android, How to do it...
- android*authorities attribute / How it works...
- android*description attribute / How it works..., How it works...
- android*enabled attribute / How it works...
- android*exported attribute / How it works..., How to do it...
- android*icon attribute / How it works...
- android*isolatedProcess attribute / How it works...
- android*label attribute / How it works...
- android*name attribute / How it works..., How it works...
- android*permission attribute / How it works...
- android*protectionLevel attribute / How it works..., How it works...
- android*readPermission attribute / How it works...
- android*writePermission attribute / How it works...
- Android application
- reverse engineering, need for / Introduction
- Android applications
- Android Debug Bridge (ADB) / Getting ready
- Android KeyStore / Introduction
- Android logcat
- information, disclosing via / Information disclosure via logcat, How to do it..., There's more...
- AndroidManifest.xml file
- inspecting / Inspecting the AndroidManifest.xml file, Getting ready, How to do it...
- working / How it works...
- AndroidPinning / Enhancements
- Android processes
- debugging, GDB server used / Debugging the Android processes using the GDB server
- Android Virtual Device (AVD) / Getting ready
- Ant build system
- DexGuard, enabling for / Enabling DexGuard for the Ant build system
- ant release command / How to do it...
- API hiding / Advanced code obfuscation with DexGuard
- API sources
- updating / Updating the API sources, How to do it...
- APK file / Getting ready
- apktool / Getting ready
- app.broadcast.info module / How to do it...
- application
- user related data, examples / Protecting user data
- properties / Protecting user data
- protecting, from another / Protecting applications from one another (isolation and privilege separation)
- sensitive information communication, protecting / Protecting communication of sensitive information
- application attack surfaces
- determining / Determining application attack surfaces, How to do it..., How it works…
- application certificate enumerator
- application certificates
- inspecting / Inspecting application certificates and signatures, Getting ready, How to do it…, How it works…, There's more...
- requirements / Getting ready
- application components
- securing / Securing application components, How it works…, See also
- ApplicationInfo class / See also
- application native libraries
- decompiling / Decompiling the application's native libraries, How to do it...
- Application Packages (APKs) / Installing applications onto the AVDs via ADB
- Application Programming Interfaces (APIs) / Installing the Android Development Tools (ADT)
- application resources
- extracting, via ADB / Extracting application resources via ADB, How to do it…, There's more...
- application signature
- verifying / Application signature verification (anti-tamper), Getting ready, How to do it...
- tamper detection, responding to / Responding to tamper detection
- application signatures
- verifying / Verifying application signatures
- assumeNoeffects attribute / How it works...
- AVD
- about / Creating Android Virtual Devices (AVDs)
- creating / How to do it…, There's more…
- external storage, emulating / Emulating a memory card or an external storage
- partition sizes / The partition sizes
- interacting with, ADB used / How to do it...
- files, copying off to / Copying files off/onto an AVD
- files, copying onto / Copying files off/onto an AVD
- application, installaing via ADB / Installing applications onto the AVDs via ADB
- AVs
- memory card, emulating / Emulating a memory card or an external storage
B
- broadcast receivers
- enumerating / Enumerating broadcast receivers, How to do it...
- attacking / Attacking broadcast receivers, How it works…
- browser_autopwn module / How to do it...
- Busybox
- setting up / Setting up Busybox
- bytesToHex() method / How to do it...
C
- -c [category] / There's more...
- CACert / Pinning and CACert
- checkClientTrusted() method / How to do it...
- checkServerTrusted method / Antipattern – what not to do!, How to do it...
- Cipher.init() method / How to do it...
- ClassDefs section / The ClassDefs section
- components
- protecting, with custom properties / Protecting components with custom permissions, How to do it…, How it works...
- content provider paths
- protecting / Protecting content provider paths, How to do it...
- content providers
- enumerating / Enumerating content providers, How it works...
- createClientConnectionManager method / How to do it...
- cryptography libraries
- CURL / Getting ready
- custom properties
- used, for component protecting / Protecting components with custom permissions, How to do it…
- CVE-2010-4804
- URL / See also
- Cwac-prefs / Securing SharedPreferences data
D
- -d [data uri] / There's more...
- Dalvik bytecode
- interpreting / Interpreting the Dalvik bytecode
- about / Understanding the Dalvik bytecode
- setting up / Getting ready, How to do it...
- dangerous attribute / How it works...
- Data Access Object (DAO) / How to do it...
- database
- encrypting, with SQLCipher / Encrypting a database with SQLCipher, Getting ready, How it works…, IOCipher
- debuggable attribute / How it works...
- Denial of Service (DoS) / Attacking services
- description attribute / How it works...
- device administration policies
- setting up / Setting up device administration policies, How to do it...
- AppPolicyDemoActivity, working / How it works...
- device camera, disabling / Disabling device camera
- DeviceAdminReceiver class / How to do it...
- DevicePolicyManager.isActive( ) method / How it works...
- DEX
- Java, compiling to / Compiling from Java to DEX, How to do it..., How it works...
- decompiling, to Java / Decompiling DEX to Java, How to do it...
- Dex2Jar tool / Getting ready
- dexdump
- fuzzing / Fuzzing dexdump, How it works...
- dexdump utility / How to do it…
- DEX file header / The DEX file header
- DEX files
- decompiling / Decompiling DEX files, How to do it…, There's more...
- format / Understanding the DEX file format
- DEX files format
- about / Understanding the DEX file format
- DEX file header / The DEX file header
- StringIds section / The StringIds section
- TypeIds section / The TypeIds section
- ProtoIds section / The ProtoIds section
- FieldIds section / The FieldIds section
- MethodIds section / The MethodIds section
- ClassDefs section / The ClassDefs section
- DexGuard
- used, for advanced code obfuscation / Advanced code obfuscation with DexGuard, Getting ready, How to do it..., There's more...
- enabling, for Ant build system / Enabling DexGuard for the Ant build system
- enabling, for Gradle build system / Enabling DexGuard for the Gradle build system, There's more...
- comparing, with ProGuard / There's more...
- official website / See also
- DexGuard Eclipse plugin
- installing / Installing the DexGuard Eclipse plugin
- DexMethod / The ClassDefs section
- drozer / Introduction
- setting up / How to do it..., There's more…
- session, running / Running a drozer session
- GitHub repository / See also
- drozer (Windows installer) option / How to do it...
- drozer module
- drozer session
- running / Running a drozer session, How to do it...
E
- -ecn [extra key] [component name] / There's more...
- -efa [extra key] [float value, float value,...] / There's more...
- -ef [extra key] [float value] / There's more...
- -eia [extra key] [integer value, integer value,...] / There's more...
- -ei [extra key] [integer value] / There's more...
- -el [extra key] [long value] / There's more...
- -eu [extra key] [uri value] / There's more...
- -ez [extra key] [boolean value] / There's more...
- -e [extra key] [string value] / There's more...
- .end method / How to do it...
- Elliptic Curve Cryptography (ECC) / Using cryptography libraries
- Elliptic Curve Digital Signature Algorithm (ECDSA) / Android KeyStore provider
- emulator
- detecting / How to do it..., How it works...
- enabled attribute / How it works...
- exclusive ORs (XORs) / The DEX file header
- execute method / How it works...
- eXtensible Markup Language (XML) / How it works...
F
- -f [flags] / There's more...
- .finduri module / How it works...
- fetchAndPrintPinHashs method / How to do it...
- FieldIds section / The FieldIds section
- file permissions
- inspecting / Inspecting file permissions, How to do it..., There's more..., See also
- Read ability (r) / Inspecting file permissions
- Write ability (w) / Inspecting file permissions
- Execute ability (x) / Inspecting file permissions
- Set Group ID ability (s) / Inspecting file permissions
- Set User ID ability (s) / Inspecting file permissions
- base 8 / Inspecting file permissions
- sticky bit / Inspecting file permissions
- find -exec command / There's more...
- findX509TrustManager() method / HttpsUrlConnection
- frame / Understanding the Dalvik bytecode
- Fuzz testing
- about / Automated native Android fuzzing
G
- gdb command / How to do it...
- GDB server
- used, for Android processes debug / Debugging the Android processes using the GDB server, How to do it...
- genkey tool / How it works...
- getAcceptedIssuers() methods / How to do it...
- get_provider() function / How it works...
- Gradle build system
- DexGuard, enabling for / Enabling DexGuard for the Gradle build system
- gradle releaseCompile command / How to do it...
- GrantURI / Extracting data from vulnerable content providers
- grant URI mechanism / How to do it...
I
- installed packages
- enumerating / Enumerating installed packages, How it works..., There's more...
- Application Label / There's more...
- Process Name / There's more...
- version / There's more...
- Data Directory / There's more...
- APK Path / There's more...
- UID / There's more...
- GID / There's more...
- Shared Libraries / There's more...
- Shared User ID / There's more...
- Uses Permissions / There's more...
- installer
- detecting / How to do it..., How it works...
- inter-process communications (IPC) / How it works…
- Intrusion Detection System (IDS) / How it works...
- invoke-virtual method / How to do it...
- IOCipher
J
- Java
- compiling, to DEX / Compiling from Java to DEX, How to do it..., How it works...
- DEX, decompiling to / Decompiling DEX to Java, How to do it...
- java -jar command / Getting ready
- Java Cryptographic Extensions (JCE) / Using cryptography libraries
- Java JDK / Getting ready
- JD-GUI tool / Getting ready, How to do it...
- JDK
- about / Installing the Java Development Kit (JDK)
- installing / How to do it..., There's more…
K
- -keyalg tool / How it works...
- -keysize tool / How it works...
- -keystore tool / How it works...
- KeyStore / Android KeyStore provider, How to do it..., How it works..., There's more...
- keytool command / How to do it...
- kill command / There's more...
L
- .load() method / How to do it...
- Linux / Getting ready
- load(null) method / How it works...
- LocalTrustStoreMyHttpClient class / How to do it...
- LocalTrustStoreTrustManager class / How to do it...
M
- Mac / Getting ready
- man-in-the-middle (MITM) / SSL pinning
- Memory size dialog / There's more...
- Mercury / Introduction
- META-INF folder
- contents / How it works…
- MethodIds section / The MethodIds section
- MITM attack
- about / Man-in-the-middle attacks on applications
- on, applications / Man-in-the-middle attacks on applications, How to do it...
- on mobile phones / How to do it...
- Mobile Device Management (MDM) / Setting up device administration policies
N
- -n [component] / There's more...
- native executables
- cross-compiling / Cross-compiling native executables, How to do it..., There's more..., See also
- native exploitation techniques
- learning, need for / Introduction
- nc command / How it works...
- NDK
- about / Installing the Native Development Kit (NDK)
- installing / How to do it...
- Netcat / Getting ready
- network traffic
- inspecting / Inspecting network traffic, How to do it…, How it works...
- prerequisites / Getting ready
- network traffic, prerequisites
- Wireshark / Getting ready
- Netcat / Getting ready
- TCPdump for Android / Getting ready
- normal attribute / How it works...
O
- objdump tool / There's more...
- onCreate() method / Android's PRNG bug
- onDisabled event / How it works...
- OnionKit library
- StrongTrustManager, using from / Using StrongTrustManager from the OnionKit library, How to do it..., There's more...
- OpenSSL / Getting ready
- Openssl -showcerts command / Getting ready
- Orbot / The Orbot and Tor networks
- OrbotHelper class / The Orbot and Tor networks
P
- PackageManager class / See also
- password-based encryption (PBE) / How it works...
- permission group
- defining / Defining a permission group
- pinning / Pinning and CACert
- Process ID (PID) / How to do it...
- ProGuard
- used, for log message removal / Removing all log messages with ProGuard, Getting ready, How to do it..., How it works...
- output / ProGuard output
- limitations / Limitations, See also
- comparing, with DexGuard / There's more...
- proguard.config property / How it works...
- ProtoIds section / The ProtoIds section
- PseudoRandom Number Generator (PRNG) / Antipattern – setting the seed
- PublicKeyExtractingTrustManager class / How to do it...
- push command / How it works...
R
- race condition vulnerabilities
- exploiting / Exploitation of race condition vulnerabilities, Getting ready
- exploiting, factors / Exploitation of race condition vulnerabilities
- exploiting, steps / How to do it...
- Radamsa
- about / Automated native Android fuzzing
- obtaining / Getting ready
- cross-compiling, for Android / How to do it...
- Busybox, setting up / Setting up Busybox
- dexdump, fuzzing / Fuzzing dexdump, How it works...
- Radamsa fuzzer
- about / Getting ready
- read/write permissions / Extracting data from vulnerable content providers
- registers / Understanding the Dalvik bytecode
- ReTrace tool / ProGuard output
- reverse engineering
- about / Introduction
S
- Santoku
- about / Introduction
- setting up / Installing and setting up Santoku, How to do it..., There's more...
- installing / Installing and setting up Santoku, How to do it..., There's more...
- Secure-Preferences / Securing SharedPreferences data
- Secure Hashing Algorithm (SHA) / The DEX file header
- self-signed SSL certificates
- validating / Validating self-signed SSL certificates, Getting ready, How to do it..., There's more...
- issues / Validating self-signed SSL certificates
- using, in live environment / Using self-signed SSL certificates in a live environment
- HttpsUrlConnection / HttpsUrlConnection
- antipattern / Antipattern – what not to do!
- sensitive information communication
- inter-component communication / Protecting communication of sensitive information
- inter-application communication / Protecting communication of sensitive information
- extra-device communication / Protecting communication of sensitive information
- services
- enumerating / Enumerating services, How to do it..., How it works…
- attacking / Attacking services, How to do it...
- signature attribute / How it works...
- signatureOrSystem attribute / How it works...
- signatures
- SQL-injection vulnerable content providers
- enumerating / Enumerating SQL-injection vulnerable content providers, How to do it...
- debuggable applications, exploiting / Exploiting debuggable applications, How to do it...
- SQLCipher
- used, for database encryption / Encrypting a database with SQLCipher, Getting ready, How it works…, IOCipher
- SQL injection attack
- defending against / Defending against the SQL-injection attack, How to do it..., See also
- SSL
- about / Introduction
- SSL pinning
- about / SSL pinning
- steps / How to do it...
- enhancements / Enhancements
- limitations / Limitations
- stack canary / There's more...
- stack memory corruption
- exploiting / Stack memory corruption exploitation, How to do it...
- standard filesystem folders
- /acct / Inspecting file permissions
- /cache / Inspecting file permissions
- /data / Inspecting file permissions
- /dev / Inspecting file permissions
- /etc / Inspecting file permissions
- /mnt / Inspecting file permissions
- /proc / Inspecting file permissions
- /root / Inspecting file permissions
- /sbin / Inspecting file permissions
- /sdcard / Inspecting file permissions
- /sys / Inspecting file permissions
- /system / Inspecting file permissions
- /vendor / Inspecting file permissions
- /init / Inspecting file permissions
- /init.rc / Inspecting file permissions
- /init[device_name].rc / Inspecting file permissions
- /ueventd.rc / Inspecting file permissions
- /uevent[device_name].rc / Inspecting file permissions
- /default.prop / Inspecting file permissions
- /config / Inspecting file permissions
- /storage / Inspecting file permissions
- /charger / Inspecting file permissions
- sticky bit / Inspecting file permissions
- string-encryption feature / Advanced code obfuscation with DexGuard
- String.equalsIgnoreCase() method / How to do it...
- String encryption / Advanced code obfuscation with DexGuard
- StringIds section / The StringIds section
- StrongTrustManager
- using, from OnionKit library / Using StrongTrustManager from the OnionKit library
- StrongTrustManager class / Pinning and CACert
- Substitute User (SU) / How it works...
- su substitute / How to do it...
- symmetric encryption key
- about / Generating a symmetric encryption key
- creating / How to do it..., How it works…
- AES-GCM, using / Using AES-GCM for strong symmetric encryption
- SystemProperties.java class / See also
T
- -t switch / How to do it…
- -t [mime type] / There's more...
- tamper
- protecting, by installer detection / Tamper protection by detecting the installer, emulator, and debug flag
- protecting, by debug flag detection / Tamper protection by detecting the installer, emulator, and debug flag, How it works..., See also
- protecting, by emulator detection / How to do it..., How it works...
- Tor project / The Orbot and Tor networks
- TrustManager.checkServerTrusted server( ) method / How to do it...
- TrustManager class / How to do it...
- truststore / How to do it...
- typedef command / How to do it...
- TypeIds section / The TypeIds section
U
- <uses-feature> tag / There's more...
- Uniform resource identifiers (URIs) / Protecting content provider paths
- Unzip / Getting ready
V
- -validity tool / How it works...
- -v tool / How it works...
- validateAppSignature() method / How to do it...
- validateCertificatePin method / Enhancements
- vulnerable content providers
- about / Enumerating vulnerable content providers
- enumerating / How to do it..., See also
- data, extracting from / Extracting data from vulnerable content providers, How to do it..., See also
- data, inserting into / Inserting data into content providers, How to do it...
- vulnerable function / How to do it...
W
- Wget / Getting ready
- Windows / Getting ready
- WinZip / Getting ready
- Wired Equivalent Privacy (WEP) / How it works…
- Wireshark / Getting ready