Beruflich Dokumente
Kultur Dokumente
Android Reverse
Engineering - A
Kick Start
Introduction
Android
SDK:
http://developer.Android.com/sdk/index.ht
ml
Smali
and
baksmali:
http://code.google.com/p/smali/
Dex2jar:
http://code.google.com/p/dex2jar/
Java
decompiler:
http://java.decompiler.free.fr/
Deurus
Android
crackme
03:
http://crackmes.de/users/deurus/android_
crackme03/
Ljava/lang/String;>valueOf(J)Ljava/lang/String;
83 move-result-object v23
84 invoke-virtual/range {v22 .. v23},
Ljava/lang/StringBuilder;>append(Ljava/lang/String;)Ljava/lang/Str
ingBuilder;
85 move-result-object v22
86 const-string v23, "-"
87 invoke-virtual/range {v22 .. v23},
Ljava/lang/StringBuilder;>append(Ljava/lang/String;)Ljava/lang/Str
ingBuilder;
88 move-result-object v22
89 move-object/from16 v0, v22
90 move-object/from16 v1, v19
91 invoke-virtual {v0, v1},
Ljava/lang/StringBuilder;>append(Ljava/lang/String;)Ljava/lang/Str
ingBuilder;
92 move-result-object v22
93
94 //Checking whether user entered serial
and program made serials are equal.
95 invoke-virtual {v14, v15},
Ljava/lang/String;>equals(Ljava/lang/Object;)
As you can see, the algorithm is pretty
straight forward. It is using name and two
hardware ids as input and doing some
operations on them to make a serial. We
can quite easily recode it in any
programming language that we prefer to
make it as a keygen. Anyways, I am not
posting any keygen sources as it will spoil
the whole phun!
on
Conclusion
In this introductory article, I explained
reversing of an Android application using
the emulator and all available tools in
sequence with pictorial elaborative steps. It
is mainly based to set up your ground for
further reversing work on Android Platform.
Well, thats it! We have analyzed an Android
program and defeated its protection.
Cheerio!
Dhanesh k
Dhanesh is a software engineer
specialized in .NET programming. In
his spare time he works on Win32
reversing and malware analysis.
Android Security
Apps
2. WaveSecure
Another good all-in-one app that protects
your data and privacy. It can track the
location of your phone incase its stolen or
misplaced by you. It basically sends a sms
alert to a pre-defined contact. It has this
acquired by
URL: https://www.wavesecure.com/wavesecure/
android.aspx
3. Protector
It enables users to password protect any
application stored on their phone. This
security app takes it one step further by
enabling users to even password protect any
feature of an existing app on your phone.
Many users will experience the benefits of
this security app.
URL: - http://www.smobilesystems.com/
Few more app you can use Smobile
AntiTheft, aFirewall.
I hope this will help you decide which app to
use and protect your data.
Be Safe
Anti-Virus
Anti-spam. This blocks calls and
messages from annoying person(s).
Firewall. Helps in keeping malicious
programs at bay.
Saurabh Shah
http://twitter.com/saurabhshah
Saurabh Shah
has done Masters in
Computer Science from Pune university.
He says that he would love to try to do
experiments on Android phone and trying
to learn some apps, security is very
important for Android these days before
someone steals or breaks you stuff on
android.
Working as a FrontEnd Web Developer
(@ cloudaccess.net), majorly in Joomla.
Android
Application
Safety
Android is a Linux based mobile
"smartphone"
operating
system.
Android(tm) was designed with security in
mind, and almost all of the important
functions of the system are protected by
layers of defense. Applications installed on
the system declare what features and
functions it needs or wish to access via a
Manifest - a declaration written by the
developer of the app, that cannot be
changed during the lifetime of the
application package installed on the
Android(tm) device. Newer versions of the
app can modify the Manifest, but when
updating the app, the system requests the
user to allow the change. The Manifest
contains important information about the
app - but Permissions are the most
important part by far.
Permissions are a declaration about what
sensitive data and parts of the system are
going to be accessed by the app being
Oren barAd
Oren barAd, working at Droidsecurity for 1
year as a Developer and Researcher focusing
on mobile security.
part time hacker, and
hardware/gadget enthusiast.
Electronic
contracts & the
Indian law
Communications
in
International Contracts.
Section 11:-
the originator
of Electronic Records.
a) if it was sent by the originator
Section 10A of the IT Act, 2000 provides
himself;
c) by
an
information
system
with
the
addressee
(za)):-
acknowledgment
of
that
the
receipt
of
any
given by
electronic
message
to
be
sent,
a) any
communication
addressee,
Originator
doesnt
include
Intermediary.
by
the
automated
or
otherwise; or
b) any conduct of the addressee,
sufficient to indicate to the
Example:-
email to Rohit.
Here, Vivek is the originator & Yahoo is the
intermediary.
Example:-
following message:-
intermediary.
Example:-
back.
an email to Rohit.
Here, Vivek is originator, Yahoo is
Example:-
in this case.
Section 12:-
Acknowledgement of receipt
this
Sec. 13:-
action
of
Pooja
is
of dispatch and
Example:-
record
by
him,
acknowledgment
then
has
unless
been
so
by the originator.
(3) Where
the
originator
has
not
acknowledgment,
acknowledgment
has
and
not
the
been
receipt of an
computer
resource
of
the
computer
the
resource
along
with
Sagar Rahukar
sr@asianlaws.org
Sagar Rahukar, a Law graduate, is
Head(Maharashtra)
at
Asian
School of Cyber Laws. Sagar
specializes
in
Cyber
Law,
Intellectual Property Law and
Corporate Law. Sagar also teaches
law at numerous educational
institutes and has also trained
officials
from
various
law
enforcement agencies.
Tethering your
android
Introduction
Frankly this issue of Command Line Gyan
does not have as much flesh as previous
issues. But we thought of dedicating this
issue to Android so here we are with a small
article on how to tether your android.
As per wikipedia Tethering is the use of a
mobile device with Internet access such as
3G cellular service to serve as an Internet
gateway or access point for other devices.
Other devices may connect to the gateway
via Bluetooth, Wi-Fi or by Universal Serial
Bus (USB) cabling. The connectivity can be
normal GPRS/EDGE or most awaited 3G.
At the same time other device can be other
wi-fi enabled phone/pda, laptop or even
desktop.
For the sake of this article Im taking
example of my Samsung android device but
be assured it will be same in all phones
Linux
I have personally tried this trick in
BackTrack4 and Debian5 (lenny) but Im
sure it will run similarly on other Linux
distros.
The moment you connect your android over
USB youll be prompted with different
connectivity options on the phone as shown
below.
Windows
Sorry
OK, as far as I have tried & seen, I havent
found a way out in windows to do it via
command line. Yes there are a few apps to
tether the phone, but nothing on command
line.
Although its against the spirit of this section
of the magazine but Ills til point out a few
apps to do tethering on Windows
Some of such apps are
1) PDAnet
2) EasyTether
3) Proxoid
Best of luck with GUI in windows
Rohit Srivastwa
rohit@clubhack.com