[mDevCamp 2020] Reversing Android Apps

[mDevCamp 2020] Reversing Android Apps

38b49a5fa7e0519f2919ac342a463980?s=128

Marc Obrador

June 11, 2020
Tweet

Transcript

  1. 3.
  2. 5.
  3. 8.
  4. 19.
  5. 20.
  6. 21.
  7. 22.
  8. 23.
  9. 27.
  10. 29.
  11. 31.
  12. 33.
  13. 34.

    Protecting against static analysis ProGuard is a good start… for

    regular apps • It’s just method renaming and code shrinking • Tools for reversing ProGuard exist: http://apk-deguard.com/ Other (paid) alternatives exist for obfuscation Writing sensitve code in native (NDK) is a good idea
  14. 48.
  15. 49.
  16. 50.
  17. 51.
  18. 52.
  19. 53.

    • Implement Root/Debugger/Emulator/Hooking Framework detection • Use certificate pinning •

    Try to detect app tampering Protecting against dynamic analysis
  20. 57.

    $ adb install “Downloads/Artà Beer Festival_v1.2.5_apkpure.com.apk” Performing Streamed Install Success

    $ adb shell am start com.marcobrador.android.artabeerfestival/.SplashActivity Starting: Intent { act=android.intent.action.MAIN cat=[android.intent.category .LAUNCHER] cmp=com.marcobrador.android.artabeerfestival/.SplashActivity }
  21. 59.
  22. 60.
  23. 61.
  24. 63.
  25. 64.
  26. 69.
  27. 70.
  28. 71.