AnDevCon: Android Reverse Engineering

Slides of the presentation at the AnDevCon

Enrique López Mañas

November 14, 2013

Transcript

  1. Ego slide
    - Mobile Developer @ Sixt
    - M. Sc. UCM/RWTH CS
    - Teacher at Alcalá University
    - +EnriqueLópezMañas, @eenriquelopez
  2. Why Java?
    - Java code is partially compiled and then interpreted
    - JVM and opcodes are fixed
    - Few instructions
    - No real protection
  3. Legal issues. Small set:
    - Don’t decompile, recompile and pass it off as your own
    - Don’t try to sell it as your own
    - If License Agreement forbids decompiling, do not decompile
    - Don’t decompile to remove protection mechanisms
  4. Legal issues: US
    - Precedents allowing decompilation (Sega vs. Accolade, http://digital-law-online.info/cases/24PQ2D1561.htm)
  5. Legal issues: EU (Directive on the Legal Protection of Computer Programs)
    - Allows decompilation (if you need access to internal calls and authors refuse to divulge API)
    - BUT:
      - Only to interface your program
      - Only if they are not protected
  6. Generally
    - YES:
      - Understand interoperability
      - Create a program interface
    - NO:
      - Create a copy and sell it.
  7. Malware; Privacy leaks; Cheating; Code injection; Passwords; Score manipulation; Download from obscure sources; Personal data; Asset manipulation; Unrequested data collection/steal; Ads
  8. Educational; Interfacing; Protection; Learning code; Creating interfaces; Checking our own mistakes!; Researching bugs; Improving existing resources
  9. JAD

  10. Android build and distribution
    - Java programming (SDK/NDK)
    - Compiling to DEX, running in DVM
    - Package signed as APK
    - Distribution (freely, Google Play or other)
  11. How to obtain APKs
    1. Pulling from device
    2. Using GooglePlay Python API
    3. Alternative sources
    4. Sniffer transfer
  12. Some tips:
    - Look for known strings
    - Not only code: also XML and resources
    - Be aware of obfuscation
  13. Protecting your source
    [We want] to protect [the] code by making reverse engineering so technically difficult that it becomes impossible or at the very least economically inviable. -Christian Collberg,
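
Slides 10 and 12 together (an APK is a signed archive of DEX code plus XML and resources; look for known strings in both), shown as an added Python example that is not part of the original deck and is meant for checking your own builds for strings that should not ship. The sample APK, its strings and all function names are constructed for illustration; the offsets 0x38 and 0x3C are the `string_ids_size` and `string_ids_off` fields of the DEX header.

```python
import io, struct, zipfile

def uleb128(buf, pos):  # returns (value, next position)
    value = shift = 0
    while True:
        value |= (buf[pos] & 0x7F) << shift
        pos, shift = pos + 1, shift + 7
        if not buf[pos - 1] & 0x80:
            return value, pos

def dex_strings(dex):
    """Yield every entry of a DEX file's string table."""
    if dex[:4] != b"dex\n":
        raise ValueError("not a DEX file")
    count, table = struct.unpack_from("<II", dex, 0x38)  # string_ids_size, string_ids_off
    for i in range(count):
        (off,) = struct.unpack_from("<I", dex, table + 4 * i)
        _, start = uleb128(dex, off)     # skip the UTF-16 length prefix
        end = dex.index(b"\x00", start)  # string data is NUL-terminated MUTF-8
        yield dex[start:end].decode("utf-8", "replace")

def scan_apk(apk_bytes, needles):
    """Return sorted (entry, needle) hits from DEX strings and all other entries."""
    hits = set()
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            data = apk.read(name)
            if name.endswith(".dex"):
                texts = list(dex_strings(data))
            else:  # resources, assets, manifest: try UTF-8 and UTF-16LE views
                texts = [data.decode("utf-8", "replace"), data.decode("utf-16-le", "replace")]
            hits.update((name, n) for n in needles for t in texts if n in t)
    return sorted(hits)

def build_sample_apk():
    """Constructed sample: a minimal DEX string table plus one XML resource."""
    strings = [b"Lcom/example/Main;", b"api_key=CONSTRUCTED-NOT-A-SECRET"]
    ids, data, base = b"", b"", 0x70 + 4 * len(strings)
    for s in strings:
        ids += struct.pack("<I", base + len(data))
        data += bytes([len(s)]) + s + b"\x00"  # one-byte ULEB128 length (< 128)
    header = b"dex\n035\x00".ljust(0x38, b"\x00") + struct.pack("<II", len(strings), 0x70)
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as z:
        z.writestr("classes.dex", header.ljust(0x70, b"\x00") + ids + data)
        z.writestr("res/values/strings.xml", "<string name='u'>http://staging.example.test</string>")
    return out.getvalue()

if __name__ == "__main__":
    print(scan_apk(build_sample_apk(), ["api_key=", "http://", "password"]))
```

A clean result is not proof of absence: strings that an obfuscator has encrypted or split will not match, which is the caveat slide 12 raises.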