Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Hacking Android
  • Table Of Contents Toc
  • Feedback & Rating feedback
Hacking Android

Hacking Android

By : Mohammed A. Imran, Rao Kotipalli
4.4 (5)
Buy this Book
close
close
Hacking Android

Hacking Android

4.4 (5)
By: Mohammed A. Imran, Rao Kotipalli
Buy this Book

Overview of this book

With the mass explosion of Android mobile phones in the world, mobile devices have become an integral part of our everyday lives. Security of Android devices is a broad subject that should be part of our everyday lives to defend against ever-growing smartphone attacks. Everyone, starting with end users all the way up to developers and security professionals should care about android security. Hacking Android is a step-by-step guide that will get you started with Android security. You’ll begin your journey at the absolute basics, and then will slowly gear up to the concepts of Android rooting, application security assessments, malware, infecting APK files, and fuzzing. On this journey you’ll get to grips with various tools and techniques that can be used in your everyday pentests. You’ll gain the skills necessary to perform Android application vulnerability assessment and penetration testing and will create an Android pentesting lab.
Table of Contents (12 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. Setting Up the Lab
Icon
1. Setting Up the Lab
Icon
Installing the required tools
Icon
Android Studio
Icon
Setting up an AVD
Icon
Configuring the AVD
Icon
ADB Primer
Icon
Summary
2
2. Android Rooting
Icon
2. Android Rooting
Icon
What is rooting?
Icon
Locked and unlocked boot loaders
Icon
Stock recovery and Custom recovery
Icon
Rooting Process and Custom ROM installation
Icon
Rooting a Samsung Note 2
Icon
Flashing the Custom ROM to the phone
Icon
Summary
3
3. Fundamental Building Blocks of Android Apps
Icon
3. Fundamental Building Blocks of Android Apps
Icon
Basics of Android apps
Icon
Android app components
Icon
Building DEX files from the command line
Icon
What happens when an app is run?
Icon
Understanding app sandboxing
Icon
Summary
4
4. Overview of Attacking Android Apps
Icon
4. Overview of Attacking Android Apps
Icon
Introduction to Android apps
Icon
Understanding the app's attack surface
Icon
Threats at the client side
Icon
Threats at the backend
Icon
Guidelines for testing and securing mobile apps
Icon
Automated tools
Icon
Identifying the attack surface
Icon
QARK (Quick Android Review Kit)
Icon
Summary
5
5. Data Storage and Its Security
Icon
5. Data Storage and Its Security
Icon
What is data storage?
Icon
Shared preferences
Icon
SQLite databases
Icon
Internal storage
Icon
External storage
Icon
User dictionary cache
Icon
Insecure data storage – NoSQL database
Icon
Backup techniques
Icon
Being safe
Icon
Summary
6
6. Server-Side Attacks
Icon
6. Server-Side Attacks
Icon
Different types of mobile apps and their threat model
Icon
Mobile applications server-side attack surface
Icon
Strategies for testing mobile backend
Icon
Summary
7
7. Client-Side Attacks – Static Analysis Techniques
Icon
7. Client-Side Attacks – Static Analysis Techniques
Icon
Attacking application components
Icon
Static analysis using QARK:
Icon
Summary
8
8. Client-Side Attacks – Dynamic Analysis Techniques
chevron up
Icon
8. Client-Side Attacks – Dynamic Analysis Techniques
Icon
Automated Android app assessments using Drozer
Icon
Introduction to Cydia Substrate
Icon
Runtime monitoring and analysis using Introspy
Icon
Hooking using Xposed framework
Icon
Dynamic instrumentation using Frida
Icon
Logging based vulnerabilities
Icon
WebView attacks
Icon
Summary
9
9. Android Malware
Icon
9. Android Malware
Icon
What do Android malwares do?
Icon
Writing Android malwares
Icon
Registering permissions
Icon
Malware analysis
Icon
Tools for automated analysis
Icon
Summary
10
10. Attacks on Android Devices
Icon
10. Attacks on Android Devices
Icon
MitM attacks
Icon
Dangers with apps that provide network level access
Icon
Using existing exploits
Icon
Malware
Icon
Bypassing screen locks
Icon
Pulling data from the sdcard
Icon
Summary
11
Index
Icon
Index

WebView attacks

WebView is a view that allows an application to load web pages within it. Internally it uses web rendering engines such as Webkit. The Webkit rendering engine was used prior to Android version 4.4 to load these web pages. On the latest versions (after 4.4) of Android, it is done using Chromium. When an application uses a WebView, it is run within the context of the application, which has loaded the WebView. To load external web pages from the Internet, the application requires INTERNET permission in its AndroidManifest.xml file:

<uses-permission android:name="android.permission.INTERNET"></uses-permission>

Using WebView in an Android app may pose different risks to the application depending upon the mistakes the developers make.

Accessing sensitive local resources through file scheme

When an Android application uses a WebView with user controlled input values to load web pages, it is possible that users can also read files from the device in the context of the target...

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Hacking Android
End of Section 8
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon