Bust a Cap in an Android App
|
|
- Bernadette Golden
- 6 years ago
- Views:
Transcription
1 Bust a Cap in an Android App ToorCon 13 October 7th, 2011 Max Veytsman & Subu Ramanathan
2 Us Security Consultants from Toronto Specialize in application security Especially Slide 2
3 You Security analysts, developers or QA testers Fairly familiar with web application pentesting Intrigued by mobile applications Have attempted to root an Android Some knowledge of programming Slide 3
4 This Workshop Introducing ExploitMe Mobile Mobile threat model What you need to know about Android Intercepting traffic Filesystem access Static analysis Runtime analysis (Bonus!) Mobile cryptography pitfalls (Bonus!) Slide 4
5 Demo INTRODUCING EXPLOITME MOBILE Slide 5
6 ExploitMe Mobile Android Labs Server iphone Labs also available Slide 6
7 MOBILE THREAT MODEL Slide 7
8 What can the developers get wrong? Backend implementation Client behavior Client-server communication Slide 8
9 Backend Mobile backend implementations are all susceptible to Authentication/Authorization issues Privilege escalation Input validation errors Injection Threat model is the same as a web app Slide 9
10 Client Insecure data storage Poor cryptography Overzealous Logging Eg. Old Android browser Memory leakage Input validation Eg. Skype XSS bug Threat includes lost/stolen phone and mobile malware Slide 10
11 Client-Server Communication Insecure communication Not using SSL/TLS Leaking sensitive data GPS, identifying phone information, etc Threat includes Man-in-the-Middle attacks Malicious wifi hotspots GSM base station Slide 11
12 Demo (Also available at BYPASSING ANDROID PASSWORD Slide 12
13 Side topic: How easy to root? how easy is it to root a found device? If lockscreen isn t enabled we can enable USB debugging to provide ADB access (yes big if) ADB server is created on a uid=shell user which is not a privileged user in the android world. Slide 13
14 Side topic: How easy to root? Quick example Rage against the cage (Android local root exploit) Slide 14
15 Side topic: How easy to root? AGer restarhng adb, you ll be connected as root Exploited shell to perform root achons on device Install shell, busybox, pull data, apks Slide 15
16 What you need to know ANDROID SECURITY MODEL Slide 16
17 The architecture Multiuser OS running Dalvik VM. (root being highest user) Dalvik runs compiled.dex files, similar to.class files in JAVA, optimized for low powered devices Slide 17
18 Key design points Each app runs as its own user and group Each app runs its own Dalvik VM Breaking out of Dalvik is useless Dalvik does not manage security User permissions do this Apps interact using permission agreed upon on installation Slide 18
19 Android Application Packaging Image : Slide 19
20 Permissions Unique UID / GID for each applicahon Slide 20
21 Permissions Applications must request permissions on install u u u u u Phone calls SMS Location services Calendar access Etc. Unfortunately, you can t deny specifics u Install or no install imgsource: techpp.com Slide 21
22 Permissions Permissions are configured in the APK packaging in AndroidManifest.xml If the permissions change, user will be requested to manually reaccept <permission android:description="string resource" android:icon="drawable resource" android:label="string resource" android:name="string" android:permissiongroup="string" android:protectionlevel=["normal" "dangerous" "signature" "signatureorsystem"] /> Slide 22
23 Android Security Model Summary Android runs.dex files on DalvikVM, each app runs own instance of Dalvik Apps run under their own user and group IDs for segregation of user processes Security is managed through users & file permissions App permissions set in AndroidManifest.xml on install Slide 23
24 INTERCEPTING TRAFFIC Slide 24
25 Android proxying Intercept with proxy Internet Slide 25
26 Proxy using what? We will discuss two Android proxy scenarios for an assessor The Android emulator A rooted Android device Slide 26
27 Quick requirements: The Android SDK u hsp://developer.android.com/sdk/index.html u u Android Debugging Bridge (adb) Enable USB debugging (careful!) The Bouncy Castle Java Library u hsp://bouncycastle.org/latest_releases.html u u Place in $JAVA_HOME/lib/ext Used for inserhon of cerhficate into Android keystore Slide 27
28 Intercepting Traffic PROXYING THE ANDROID EMULATOR Slide 28
29 Proxying the Android Emulator Start up and configure an emulator using Android SDK./emulator -avd <name> -partition-size 128 Slide 29
30 A note on SSL Small issue: invalid SSL cert = dropped connection Proxying SSL will give invalid SSL certificate Slide 30
31 A note on SSL trusted certificate for our proxy Solution: modify the Android certificate store to trust our proxy certificate Slide 31
32 Adding a Trusted Certificate to Android adb pull /system/etc/security/cacerts.bks cacerts.bks Pull trusted cerhficate store from device cacerts.bks Slide 32
33 Adding a Trusted Certificate to Android keytool -keystore cacerts.bks -storetype BKS -provider org.bouncycastle.jce.provider.bouncycastleprovider -storepass changeit -importcert -trustcacerts -alias <##CERT ALIAS HERE##> -file <##YOUR PROXY.CRT HERE##> Insert our cerhficate into keystore using keytool (Standard with JAVA JRE) Slide 33
34 Adding a Trusted Certificate to Android adb remount Mount remote Android file system read & write Slide 34
35 Adding a Trusted Certificate to Android adb push cacerts.bks /system/etc/security/ 4) Push modified CA keystore (May have to change permissions to overwrite) Slide 35
36 Save this system image Why? upon bootup, the keystores for the emulator reset To avoid hassle, you can save this version of system parhhon Slide 36
37 Save this system image >adb push /path/to/mkfs.yaffs2.arm /system/xbin/mkfs.yaffs2 1) Upload YAFFS2 mkfs binary Here: Slide 37
38 Save this system image >adb shell # mkfs.yaffs2 /system /sdcard/system.img mkfs.yaffs2: Android YAFFS2 Tool,Build by PowerGUI at Building... Build Ok. # 2) build system image on emulator Slide 38
39 Save this system image adb pull /sdcard/system.img 3) Pull system image from emulator Slide 39
40 Restart emulator using proxy flag./emulator -avd myavd -partition-size 128 -system /path/to/system.img -http-proxy :8888 Here, we specify the hsp- proxy flag and the system parhhon that we created Slide 40
41 A note about http-proxy flag -http-proxy :8888 Flag has problems. Browser traffic will proxy, however applicahon traffic is very hit or miss. u If issues, try debug- proxy flag Used rooted Android device for true app assessments u other tests can be done on the emulator Slide 41
42 Android emulator proxy complete! Slide 42
43 Tsocks for app traffic on emulator tsocks will be our soluhon to the inability to proxy app traffic in the emulator u u u u Encapsulates network traffic transparently into a SOCKS proxy Install tsocks and modify semngs in /etc/ tsocks.conf Run tsocks emulator Charles and Slide 43
44 Intercepting Traffic PROXYING AN ANDROID DEVICE Slide 44
45 Proxy real device Android does not include built in proxy support Network proxy is for browser, not apps There are workarounds we ll show you best way to proxy apps is using a device! Note: You ll need to be root and have a ROM that supports iptables such as CyanogenMod hsp:// Slide 45
46 Proxy real device To proxy a Android device we ll go through three steps: 1. Have rooted ROM with iptables (Cyanogen) 2. Install Superuser (if not already part of ROM) 3. Install a proxy tool such as Autoproxy Slide 46
47 Proxy real device Connect device to computer with USB Enable USB Debugging Semngs > Manage ApplicaHons > Development Slide 47
48 If you need SSL, same steps: adb pull /system/etc/security/cacerts.bks cacerts.bks keytool -keystore cacerts.bks -storetype BKS -provider org.bouncycastle.jce.provider.bouncycastlepr ovider -storepass changeit -importcert - trustcacerts -alias <##CERT ALIAS HERE##> - file <##YOUR PROXY.CRT HERE##> adb remount adb push cacerts.bks /system/etc/security/ Slide 48
49 Install tools 1) Enable Unknown sources Slide 49
50 adb install superuser.apk 2) Install Superuser (reboot) Slide 50
51 adb install transproxy.apk 3) Install TransProxy or AutoProxy Slide 51
52 Configure proxy app Slide 52
53 Device proxy complete! Why do we need such tools? As discussed, by default Android has no proxy mechanism for applicahon traffic these tools act as a front end to iptables If you are elite, then you can use iptables command line in Cyanogen Slide 53
54 One last thing tcpdump Emulator supports - tcpdump <file> flag Captures network traffic to file Great for debugging or understanding network side of emulator Use for quick traffic analysis for apps.. Doesn t need proxy Slide 54
55 TCPDump open with wireshark emulator -avd LabAVD tcpdump dump.cap Slide 55
56 Demo PARAMETER MANIPULATION Slide 56
57 FILESYSTEM ACCESS Slide 57
58 Android Filesystem Access We want to analyze files within the device, so how do we do this? ADB (windows, linux, mac) Slide 58
59 Android Filesystem Access Android Debug Bridge (adb) command Access a shell Pull/push files Many more Slide 59
60 ADB Slide 60
61 Example of ADB Slide 61
62 Quick look at some apps We re going to use Android s default mail client (Note this is for a rooted device) Navigate to the shared_prefs directory of the applicahon Slide 62
63 Quick look at some apps cat (read) the file Slide 63
64 Quick look at some apps aw1hcctzc2wroi8vc2ntb2jpbgvhchb0zxn0jtqwz21hawwuy29tomfi Y0RFRjEyM0BpbWFwLmdtYWlsLmNvbTo5OTM= Base 64 decode imap+ssl+://scmobileapptest SCMOBILETESTAPP:abcDEF123 Slide 64
65 Other ADB Commands Pull: Push: Slide 65
66 Advanced Shell (BusyBox) AlternaHve shells exist such as Busybox. These include features not in ADB Grep, find, vi, etc. Slide 66
67 Filesystem Access COMMON FILES Slide 67
68 SQLite Single file relahonal database Supported by Android to store applicahon semngs/data Often favored by developers for key/value storage Slide 68
69 SQLite LisHng tables:.tables Select statements for queries, SQL syntax Slide 69
70 XML Used by Android to store many things (shared prefs, manifest, etc.) OGen contains data stored by apps such as usernames or passwords Slide 70
71 Demo EXTRACTING CREDENTIALS Slide 71
72 LOGGING Slide 72
73 Logging ApplicaHons may leak data through gratuitous logging In older versions of Android, the browser would log URLs visited This also logged session IDs for websites that put it in the GET request Slide 73
74 Viewing Android Logs Use adb logcat Slide 74
75 Demo INSECURE LOGGING Slide 75
76 CLIENT ANALYSIS Slide 76
77 Android Application Layout Apps are packaged in an APK file (zip archive) What s in it? Dalvik class files (dex) Assets and Resources AndroidManifest.xml (packed in a binary format) APKs stored at /data/app on a device Can extract this Slide 77
78 Android Application Layout Android JAVA Original.java.java Compiled.dex.class Optimized.odex n/a Packaging.apk.jar Modification Apktool, baksmali Jad, java decompiler Slide 78
79 Android Application Layout Image : Slide 79
80 AndroidManifest.xml Enumerates permissions We are most interested in permissions and metadata Slide 80
81 Analyzing an APK The files inside an APK aren t directly useful Need to unpack the XML, disassemble the dex class files Apktool does this!! hsp://code.google.com/p/android- apktool/ Slide 81
82 Apktool Uses APK APK (reengineered) Slide 82
83 Disassembly to Smali Smali is the Dalvik assembly Unlike JVM, register based Fairly readable.class public LHelloWorld;.super Ljava/lang/Object;.method public stahc main([ljava/lang/string;)v.registers 2 sget- object v0, Ljava/lang/System;- >out:ljava/io/printstream; const- string v1, "Hello World! invoke- virtual {v0, v1}, Ljava/io/PrintStream;- >println(ljava/lang/string;)v return- void.end method Slide 83
84 Decompilation Looking at decompiled java is easier than reading Smali You may be familiar with jad or jdgui Use dex2jar to get a (JVM) jar from an apk Perform source review on decompiled app Doesnt work for all apks Slide 84
85 Decompilation Slide 85
86 Demo CLIENT ANALYSIS Slide 86
87 Tips Approach like traditional application reverse engineering Be aware of attack vectors buffer overflow type bugs not always fruitful Lot s of apps have poor key management Try to turn off rooting detection either through patching or application settings Slide 87
88 RUNTIME ANALYSIS Slide 88
89 Why Do Runtime Analysis Companion to stahc analysis Explore execuhon through a debugger Access stack values Extract code from encrypted binary (ios only) Possible asack vector Use a debugger to jump through a security check Slide 89
90 Why Do Runtime Analysis Many things that happen in an app lifecycle memory branch Slide 90
91 Debugging as an Attack Vector Jump over client- side business logic checks ipad app client- enforced restrichons Jump over the branch to access other areas of code Using a debugger to get confidential data in memory (lost or stolen phone) Slide 91
92 Debugging as an Attack Vector Locked banking app manually call Intents? Bypass screens by directly launching achvihes Slide 92
93 Android Debugging We use ddms (Dalvik Debug Monitor Server) available in the SDK Dump the applicahon's heap ASach a remote debugger Slide 93
94 Attach to process Slide 94
95 Dump the heap (hprof) Slide 95
96 A Note on HPROF HPROF is java s heap and cpu profiling file format This is used by developers to profile cpu and memory usage We use it to browse heap values at the Hme of the heap dump Slide 96
97 Convert HPROF file We need to convert the file from the Dalvik HPROF format to the format used by Java We can then use Java tools to analyze it hprof- conv com.android. .hprof com.android. .fixed.hprof Slide 97
98 Analyze Heap Slide 98
99 Memory Analyzer Dominator tree Group by List objects Slide 99
100 Finding Heap Values Slide 100
101 Finding Heap Values Slide 101
102 Demo (Android) DUMPING MEMORY Slide 102
103 MOBILE CRYPTOGRAPHY Slide 103
104 Mobile Cryptography We must treat the mobile device as hoshle Don t store sensihve data unencrypted! (Basic EncrypHon lab) Doing encryphon well is HARD (Advanced EncrypHon lab) Best prachce: don t store any sensihve data on device Slide 104
105 If You Must Encrypt Issues of cryptography are issues of implementahon This is ogen taken to mean Don t write your own AES library, but no. We mean key management We mean how the cipher is used Slide 105
106 Data in transit SSL/TLS is the golden standard here Easy to plug into mobile app, use HTTPS We find some mobile apps add a second layer of encryphon over SSL/TLS Make it harder to analyze app s traffic Extra security Slide 106
107 Data at rest Easier to get right than data in transit SHll hard to do right Your main concern is key management If the client can decrypt data on its own, an asacker can too (reverse engineering) We need to have a secret not stored on the client Slide 107
108 External Secret The user can type in the encryphon key Difficult to remember/type The backend can give the client the encryphon key ager user authenhcates Need secure authenhcahon framework OR we can have the user remember a password, and somehow derive a key from it Slide 108
109 Password Based Key Derivation In ExploitMe Mobile we had the user authenhcate with local password This was inihally used as a UI lock, in case the phone was lost/stolen We will use this password to generate a key The standard we use is PBKDF2 Slide 109
110 Password Based Key Derivation public SecretKey genkeypwkdf2(string password, byte[] salt, int iterations) throws { SecretKeyFactory f =SecretKeyFactory.getInstance ("PBKDF2WithHmacSHA1"); PBEKeySpec keyspec = new PBEKeySpec( password.tochararray(), salt, iterations, KEY_BITS); SecretKey generatedkey = f.generatesecret(keyspec); return generatedkey; } Slide 110
111 How Do We Use This? public int unlockapplication(string password) throws exceptions { if (checkpassword(password)) { mcryptokey=mcipher.genkeypwkdf2(password, getpbksalt(), CryptoTool.NUM_ITERATIONS).getEncoded(); cleartextserveruser = mcipher.decryptb64string( getrestusername(), mcryptokey, getrestusernameiv()); cleartextserverpass = mcipher.decryptb64string( getrestpassword(), mcryptokey, getrestpasswordiv()); int statuscode = performlogin( cleartextserveruser, cleartextserverpass); if (statuscode == RestClient.NULL_ERROR) { locked = false; return statuscode; } } return RestClient.NO_OP; } Slide 111
112 Checking the Password Note if (checkpassword(password)) We perform a password check against a hash If we stored hashed passwords on the device, an asacker could crack it We can also use PBKD as an authenhcahon mechanism Slide 112
113 Using PBE for authentication As before, use the password entered by the user to generate the key Now encrypt a known value with that key When the user enters a password, try to decrypt the known value with the derived key If it is successful, the user has the correct password, otherwise the user doesn t Slide 113
114 Other Considerations An asacker can build up a rainbow table, especially if they know an encrypted value we store Or they can pre- compute keys derived from common passwords Salt the password used for PBKDF Enforce strong local passwords Slide 114
115 Questions? Max Subu Slide 115
Thursday, October 25, 12. How we tear into that little green man
How we tear into that little green man Who are you?! Mathew Rowley (@wuntee) Senior security consultant at Matasano Agenda Techniques MITM - SSL Static analysis -> Skype secret menu Modifying an app ->
More informationOWASP German Chapter Stammtisch Initiative/Ruhrpott. Android App Pentest Workshop 101
OWASP German Chapter Stammtisch Initiative/Ruhrpott Android App Pentest Workshop 101 About What we will try to cover in the first session: Setup of a Mobile Application Pentest Environment Basics of Mobile
More informationMobile hacking. Marit Iren Rognli Tokle
Mobile hacking Marit Iren Rognli Tokle 14.11.2018 «Hacker boss Marit» Software Engineer at Sopra Steria Leading TG:Hack, Norways largest hacking competition Leading UiO-CTF with Laszlo Shared 1st place
More informationMobile Hacking & Security. Ir. Arthur Donkers & Ralph Moonen, ITSX
Mobile Hacking & Security Ir. Arthur Donkers & Ralph Moonen, ITSX Introduction Who we are: Ir. Arthur Donkers Ralph Moonen ITSX 2 Agenda Mobile Threats BYOD iphone and Android hacking 3 Threats Various:
More informationThe Android security jungle: pitfalls, threats and survival tips. Scott
The Android security jungle: pitfalls, threats and survival tips Scott Alexander-Bown @scottyab The Jungle Ecosystem Google s protection Threats Risks Survival Network Data protection (encryption) App/device
More informationSecurity Philosophy. Humans have difficulty understanding risk
Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy
More informationAndroid security enforcements
Android security enforcements Hello DroidCon! Javier Cuesta Gómez Android Engineer manager @Grab Android 2017 security 450 reports $1.1 payout The most difficult OWASP security risks: Unintended data leakage
More informationAHNLAB 조주봉 (silverbug)
AHNLAB 조주봉 (silverbug) Android Android is a software stack for mobile devices that includes an operating system, middleware and key applications. Application framework Dalvik virtual machine Integrated
More informationPass, No Record: An Android Password Manager
Pass, No Record: An Android Password Manager Alex Konradi, Samuel Yeom December 4, 2015 Abstract Pass, No Record is an Android password manager that allows users to securely retrieve passwords from a server
More informationLab 4 In class Hands-on Android Debugging Tutorial
Lab 4 In class Hands-on Android Debugging Tutorial Submit lab 4 as PDF with your feedback and list each major step in this tutorial with screen shots documenting your work, i.e., document each listed step.
More informationCh 1: The Mobile Risk Ecosystem. CNIT 128: Hacking Mobile Devices. Updated
Ch 1: The Mobile Risk Ecosystem CNIT 128: Hacking Mobile Devices Updated 1-12-16 The Mobile Ecosystem Popularity of Mobile Devices Insecurity of Mobile Devices The Mobile Risk Model Mobile Network Architecture
More informationBreaking and Securing Mobile Apps
Breaking and Securing Mobile Apps Aditya Gupta @adi1391 adi@attify.com +91-9538295259 Who Am I? The Mobile Security Guy Attify Security Architecture, Auditing, Trainings etc. Ex Rediff.com Security Lead
More informationSalesforce1 Mobile Security White Paper. Revised: April 2014
Salesforce1 Mobile Security White Paper Revised: April 2014 Table of Contents Introduction Salesforce1 Architecture Overview Authorization and Permissions Communication Security Authentication OAuth Pairing
More informationManage Mobile Security Incidents Like A Boss
Manage Mobile Security Incidents Like A Boss Ismail Guneydas Security Manager/Faculty Kimberly Clark/Texas A&M 10/02/2015 Legal Notice From My Lawyer The opinions expressed in this presentation represent
More informationCertified Secure Web Application Engineer
Certified Secure Web Application Engineer ACCREDITATIONS EXAM INFORMATION The Certified Secure Web Application Engineer exam is taken online through Mile2 s Assessment and Certification System ( MACS ),
More informationLecture 1 - Introduction to Android
Lecture 1 - Introduction to Android This work is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/
More informationAndroid Analysis Tools. Yuan Tian
Android Analysis Tools Yuan Tian Malware are more creative: XcodeGhost More than 300 a pps are infected, including wechat and netease Collect device ID, Apple ID and p assword 10/3/15 CMU Mobile Security
More informationDrone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created
Drone - 2 04/12/2018 Threat Model Description Threats Threat Source Risk Status Date Created Mobile Phone: Sensitive Data Leakage Smart Devices Mobile Phone: Session Hijacking Smart Devices Mobile Phone:
More informationTECHNICAL WHITE PAPER Penetration Test. Penetration Test. We help you build security into your software at every stage. 1 Page
Penetration Test We help you build security into your software at every stage 1 Page Table of Contents 1 Overview... 3 2 Penetration Test Services Overview... 4 2.1 Values of penetration testing... 4 2.2
More informationAbusing Android In-app Billing feature thanks to a misunderstood integration. Insomni hack 18 22/03/2018 Jérémy MATOS
Abusing Android In-app Billing feature thanks to a misunderstood integration Insomni hack 18 22/03/2018 Jérémy MATOS whois securingapps Developer background Worked last 12 years in Switzerland on security
More informationMobile Malfeasance. Exploring Dangerous Mobile Code. Jason Haddix, Director of Penetration Testing
Mobile Malfeasance Exploring Dangerous Mobile Code Jason Haddix, Director of Penetration Testing Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to
More informationCSWAE Certified Secure Web Application Engineer
CSWAE Certified Secure Web Application Engineer Overview Organizations and governments fall victim to internet based attacks every day. In many cases, web attacks could be thwarted but hackers, organized
More informationInstalling and configuring an Android device emulator. EntwicklerCamp 2012
Installing and configuring an Android device emulator EntwicklerCamp 2012 Page 1 of 29 Table of Contents Lab objectives...3 Time estimate...3 Prerequisites...3 Getting started...3 Setting up the device
More informationVII. Corente Services SSL Client
VII. Corente Services SSL Client Corente Release 9.1 Manual 9.1.1 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Table of Contents Preface... 5 I. Introduction... 6 Chapter 1. Requirements...
More informationMcAfee Certified Assessment Specialist Network
McAfee MA0-150 McAfee Certified Assessment Specialist Network Version: 4.0 Topic 1, Volume A QUESTION NO: 1 An attacker has compromised a Linux/Unix host and discovers a suspicious file called "password"
More informationThe Attacker s POV Hacking Mobile Apps. in Your Enterprise to Reveal Real Vulns and Protect the Business. Tony Ramirez
The Attacker s POV Hacking Mobile Apps in Your Enterprise to Reveal Real Vulns and Protect the Business Tony Ramirez AGENDA & SPEAKERS Introduction Attacks on Mobile Live Demo Recommendations Q&A Tony
More informationOverview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.
Overview of SSL/TLS Luke Anderson luke@lukeanderson.com.au 12 th May 2017 University Of Sydney Overview 1. Introduction 1.1 Raw HTTP 1.2 Introducing SSL/TLS 2. Certificates 3. Attacks Introduction Raw
More informationPenetration Testing with Kali Linux
Penetration Testing with Kali Linux PWK Copyright Offensive Security Ltd. All rights reserved. Page 1 of 11 All rights reserved to Offensive Security No part of this publication, in whole or in part, may
More information(System) Integrity attacks System Abuse, Malicious File upload, SQL Injection
Pattern Recognition and Applications Lab (System) Integrity attacks System Abuse, Malicious File upload, SQL Injection Igino Corona igino.corona (at) diee.unica.it Computer Security April 9, 2018 Department
More informationHackveda Training - Ethical Hacking, Networking & Security
Hackveda Training - Ethical Hacking, Networking & Security Day1: Hacking windows 7 / 8 system and security Part1 a.) Windows Login Password Bypass manually without CD / DVD b.) Windows Login Password Bypass
More informationdroidcon Greece Thessaloniki September 2015
droidcon Greece Thessaloniki 10-12 September 2015 Reverse Engineering in Android Countermeasures and Tools $ whoami > Dario Incalza (@h4oxer) > Application Security Engineering Analyst > Android Developer
More informationWhen providing a native mobile app ruins the security of your existing web solution. CyberSec Conference /11/2015 Jérémy MATOS
When providing a native mobile app ruins the security of your existing web solution CyberSec Conference 2015 05/11/2015 Jérémy MATOS whois securingapps Developer background Spent last 10 years working
More informationSecuring ArcGIS Services
Federal GIS Conference 2014 February 10 11, 2014 Washington DC Securing ArcGIS Services James Cardona Agenda Security in the context of ArcGIS for Server Background concepts Access Securing web services
More informationIntrospy Security Profiling for Blackbox ios and Android. Marc Blanchou Alban Diquet
Introspy Security Profiling for Blackbox ios and Android Marc Blanchou Alban Diquet Introduction What is it about? Tool release: Introspy Security profiler for ios and Android applications Useful to developers,
More informationCopyright
1 Security Test EXTRA Workshop : ANSWER THESE QUESTIONS 1. What do you consider to be the biggest security issues with mobile phones? 2. How seriously are consumers and companies taking these threats?
More informationMobile and Wireless Systems Programming
to Android Android is a software stack for mobile devices that includes : an operating system middleware key applications Open source project based on Linux kernel 2.6 Open Handset Alliance (Google, HTC,
More informationSalesforce Mobile App Security Guide
Salesforce Mobile App Security Guide Version 3, 0 @salesforcedocs Last updated: October 11, 2018 Copyright 2000 2018 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationArchitecture. Steven M. Bellovin October 31,
Architecture Steven M. Bellovin October 31, 2016 1 Web Servers and Security The Web is the most visible part of the net Two web servers Apache (open source) and Microsoft s IIS dominate the market Apache
More informationWeb Application & Web Server Vulnerabilities Assessment Pankaj Sharma
Web Application & Web Server Vulnerabilities Assessment Pankaj Sharma Indian Computer Emergency Response Team ( CERT - IN ) Department Of Information Technology 1 Agenda Introduction What are Web Applications?
More informationCTF Workshop. Crim Synopsys, Inc. 1
CTF Workshop Crim2018 31.10.2018 2018 Synopsys, Inc. 1 CTF (Capture the Flag) Capture the Flag (CTF) is a computer security competition. CTF are usually designed test and teach computer security skills.
More informationCourse 834 EC-Council Certified Secure Programmer Java (ECSP)
Course 834 EC-Council Certified Secure Programmer Java (ECSP) Duration: 3 days You Will Learn How To Apply Java security principles and secure coding practices Java Security Platform, Sandbox, JVM, Class
More information1 About Web Security. What is application security? So what can happen? see [?]
1 About Web Security What is application security? see [?] So what can happen? 1 taken from [?] first half of 2013 Let s focus on application security risks Risk = vulnerability + impact New App: http://www-03.ibm.com/security/xforce/xfisi
More informationAndroid System Development Training 4-day session
Android System Development Training 4-day session Title Android System Development Training Overview Understanding the Android Internals Understanding the Android Build System Customizing Android for a
More informationANDROID SYLLABUS. Advanced Android
Advanced Android 1) Introduction To Mobile Apps I. Why we Need Mobile Apps II. Different Kinds of Mobile Apps III. Briefly about Android 2) Introduction Android I. History Behind Android Development II.
More informationIJRDTM Kailash ISBN No Vol.17 Issue
ABSTRACT ANDROID OPERATING SYSTEM : A CASE STUDY by Pankaj Research Associate, GGSIP University Android is a software stack for mobile devices that includes an operating system, middleware and key applications.
More informationSHWETANK KUMAR GUPTA Only For Education Purpose
Introduction Android: INTERVIEW QUESTION AND ANSWER Android is an operating system for mobile devices that includes middleware and key applications, and uses a modified version of the Linux kernel. It
More informationApplication Security Introduction. Tara Gu IBM Product Security Incident Response Team
Application Security Introduction Tara Gu IBM Product Security Incident Response Team About Me - Tara Gu - tara.weiqing@gmail.com - Duke B.S.E Biomedical Engineering - Duke M.Eng Computer Engineering -
More informationSecuring Apache Tomcat. AppSec DC November The OWASP Foundation
Securing Apache Tomcat AppSec DC November 2009 Mark Thomas Senior Software Engineer & Consultant SpringSource mark.thomas@springsource.com +44 (0) 2380 111500 Copyright The Foundation Permission is granted
More informationMobile devices boon or curse
Mobile devices boon or curse Oliver Ng - Director of Training Kishor Sonawane - India Lead Security Compass Consulting & Training Consumerization According to Apple s chief operating officer, 65 percent
More informationAttacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14
Attacks Against Websites 3 The OWASP Top 10 Tom Chothia Computer Security, Lecture 14 OWASP top 10. The Open Web Application Security Project Open public effort to improve web security: Many useful documents.
More informationSSL Configuration Oracle Banking Liquidity Management Release [April] [2017]
SSL Configuration Oracle Banking Liquidity Management Release 12.4.0.0.0 [April] [2017] Table of Contents 1. CONFIGURING SSL ON ORACLE WEBLOGIC... 1-1 1.1 INTRODUCTION... 1-1 1.2 SETTING UP SSL ON ORACLE
More informationPracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam
PracticeDump http://www.practicedump.com Free Practice Dumps - Unlimited Free Access of practice exam Exam : SY0-501 Title : CompTIA Security+ Certification Exam Vendor : CompTIA Version : DEMO Get Latest
More informationECE 471 Embedded Systems Lecture 22
ECE 471 Embedded Systems Lecture 22 Vince Weaver http://www.eece.maine.edu/~vweaver vincent.weaver@maine.edu 31 October 2018 Don t forget HW#7 Announcements 1 Computer Security and why it matters for embedded
More informationCh 7: Mobile Device Management. CNIT 128: Hacking Mobile Devices. Updated
Ch 7: Mobile Device Management CNIT 128: Hacking Mobile Devices Updated 4-4-17 What is MDM? Frameworks that control, monitor, and manage mobile devices Deployed across enterprises or service providers
More informationBackend IV: Authentication, Authorization and Sanitization. Tuesday, January 13, 15
6.148 Backend IV: Authentication, Authorization and Sanitization The Internet is a scary place Security is a big deal! TODAY What is security? How will we try to break your site? Authentication,
More informationC and C++ Secure Coding 4-day course. Syllabus
C and C++ Secure Coding 4-day course Syllabus C and C++ Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted toward our systems. This course
More informationBUILDING A TEST ENVIRONMENT FOR ANDROID ANTI-MALWARE TESTS Hendrik Pilz AV-TEST GmbH, Klewitzstr. 7, Magdeburg, Germany
BUILDING A TEST ENVIRONMENT FOR ANDROID ANTI-MALWARE TESTS Hendrik Pilz AV-TEST GmbH, Klewitzstr. 7, 39112 Magdeburg, Germany Email hpilz@av-test.de ABSTRACT The growth of the Smartphone market over the
More informationCOMP9321 Web Application Engineering
COMP9321 Web Application Engineering Semester 2, 2016 Dr. Amin Beheshti Service Oriented Computing Group, CSE, UNSW Australia Week 9 http://webapps.cse.unsw.edu.au/webcms2/course/index.php?cid=2445 1 Assignment
More informationCryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea
Cryptography SSL/TLS Network Security Workshop 3-5 October 2017 Port Moresby, Papua New Guinea 1 History Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent
More informationChapter 2. Operating-System Structures
Chapter 2 Operating-System Structures 2.1 Chapter 2: Operating-System Structures Operating System Services User Operating System Interface System Calls Types of System Calls System Programs Operating System
More informationDeveloping Android applications in Windows
Developing Android applications in Windows Below you will find information about the components needed for developing Android applications and other (optional) software needed to connect to the institution
More informationNasuni Data API Nasuni Corporation Boston, MA
Nasuni Corporation Boston, MA Introduction The Nasuni API has been available in the Nasuni Filer since September 2012 (version 4.0.1) and is in use by hundreds of mobile clients worldwide. Previously,
More informationCS 642 Homework #4. Due Date: 11:59 p.m. on Tuesday, May 1, Warning!
CS 642 Homework #4 Due Date: 11:59 p.m. on Tuesday, May 1, 2007 Warning! In this assignment, you will construct and launch attacks against a vulnerable computer on the CS network. The network administrators
More informationApplication Security through a Hacker s Eyes James Walden Northern Kentucky University
Application Security through a Hacker s Eyes James Walden Northern Kentucky University waldenj@nku.edu Why Do Hackers Target Web Apps? Attack Surface A system s attack surface consists of all of the ways
More informationWirtschaftsinformatik Skiseminar ao. Prof. Dr. Rony G. Flatscher. Seminar paper presentation Dennis Robert Stöhr
Android Programming Wirtschaftsinformatik Skiseminar ao. Prof. Dr. Rony G. Flatscher Seminar paper presentation Dennis Robert Stöhr 0453244 11.01.2011 Agenda Introduction Basics of Android Development
More informationHacking a Moving Target
Hacking a Moving Target Mobile ApplicaLon PenetraLon Chris Cuevas Senior Security Consultant ccuevas@secureideas.net Office - 904-639- 6709 2012 Secure Ideas LLC hdp://www.secureideas.net Chris Cuevas
More informationApplications Mobiles et Internet des Objets Introduction a l architecture d Android
Applications Mobiles et Internet des Objets Introduction a l architecture d Android Thibault CHOLEZ - thibault.cholez@loria.fr TELECOM Nancy - Universite de Lorraine LORIA - INRIA Nancy Grand-Est From
More informationWhy bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions?
Jeroen van Beek 1 Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions? 2 Inadequate OS and application security: Data abuse Stolen information Bandwidth
More informationID: Sample Name: YNtbLvNHuo Cookbook: defaultandroidfilecookbook.jbs Time: 14:44:34 Date: 12/01/2018 Version:
ID: 42511 Sample Name: YNtbLvNHuo Cookbook: defaultandroidfilecookbook.jbs Time: 14:44:34 Date: 12/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information
More informationSalesforce Mobile App Security Guide
Salesforce Mobile App Security Guide Version 2, 2 @salesforcedocs Last updated: November 2, 2017 Copyright 2000 2017 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationWHITE PAPER. Authentication and Encryption Design
WHITE PAPER Authentication and Encryption Design Table of Contents Introduction Applications and Services Account Creation Two-step Verification Authentication Passphrase Management Email Message Encryption
More informationTale of a mobile application ruining the security of global solution because of a broken API design. SIGS Geneva 21/09/2016 Jérémy MATOS
Tale of a mobile application ruining the security of global solution because of a broken API design SIGS Geneva 21/09/2016 Jérémy MATOS whois securingapps Developer background Spent last 10 years working
More informationMobile Payment Application Security. Security steps to take while developing Mobile Application s. SISA Webinar.
Mobile Payment Application Security Security steps to take while developing Mobile Application s About SISA Payment Security Specialists PCI Certification Body (PCI Qualified Security Assessor) Payment
More informationCIS 700/002 : Special Topics : OWASP ZED (ZAP)
CIS 700/002 : Special Topics : OWASP ZED (ZAP) Hitali Sheth CIS 700/002: Security of EMBS/CPS/IoT Department of Computer and Information Science School of Engineering and Applied Science University of
More informationWeb Servers and Security
Web Servers and Security The Web is the most visible part of the net Two web servers Apache (open source) and Microsoft s IIS dominate the market (Apache has 70%; IIS has 20%) Both major servers have lots
More informationEmbedded/Connected Device Secure Coding. 4-Day Course Syllabus
Embedded/Connected Device Secure Coding 4-Day Course Syllabus Embedded/Connected Device Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted
More informationNasuni Data API Nasuni Corporation Boston, MA
Nasuni Corporation Boston, MA Introduction The Nasuni API has been available in the Nasuni Filer since September 2012 (version 4.0.1) and is in use by hundreds of mobile clients worldwide. Previously,
More informationWhy bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions?
Jeroen van Beek 1 Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions? 2 Inadequate OS and application security: Data abuse Stolen information Bandwidth
More informationWhy bother? Causes of data breaches OWASP. Top ten attacks. Now what? Do it yourself Questions?
Jeroen van Beek 1 Why bother? Causes of data breaches OWASP Top ten attacks Now what? Do it yourself Questions? 2 In many cases the web application stores: Credit card details Personal information Passwords
More informationLecture 10. Denial of Service Attacks (cont d) Thursday 24/12/2015
Lecture 10 Denial of Service Attacks (cont d) Thursday 24/12/2015 Agenda DoS Attacks (cont d) TCP DoS attacks DNS DoS attacks DoS via route hijacking DoS at higher layers Mobile Platform Security Models
More informationWorkspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902
Workspace ONE UEM Certificate Authentication for EAS with ADCS VMware Workspace ONE UEM 1902 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationEndpoint Security - what-if analysis 1
Endpoint Security - what-if analysis 1 07/23/2017 Threat Model Threats Threat Source Risk Status Date Created File Manipulation File System Medium Accessing, Modifying or Executing Executable Files File
More informationExam4Free. Free valid exam questions and answers for certification exam prep
Exam4Free http://www.exam4free.com Free valid exam questions and answers for certification exam prep Exam : MA0-150 Title : McAfee Certified Assessment Specialist- UH Vendors : McAfee Version : DEMO Get
More informationProtect Your Application with Secure Coding Practices. Barrie Dempster & Jason Foy JAM306 February 6, 2013
Protect Your Application with Secure Coding Practices Barrie Dempster & Jason Foy JAM306 February 6, 2013 BlackBerry Security Team Approximately 120 people work within the BlackBerry Security Team Security
More informationSecure Communications Over a Network
Secure Communications Over a Network Course: MITS:5400G Proffessor: Dr. Xiaodong Lin By: Geoff Vaughan 100309160 March 20th 2012 Abstract The purpose of this experiment is to transmit an encrypted message
More informationSecuring Internet Communication: TLS
Securing Internet Communication: TLS CS 161: Computer Security Prof. David Wagner March 11, 2016 Today s Lecture Applying crypto technology in practice Two simple abstractions cover 80% of the use cases
More informationCisco Unified Serviceability
Cisco Unified Serviceability Introduction, page 1 Installation, page 5 Introduction This document uses the following abbreviations to identify administration differences for these Cisco products: Unified
More informationEphesoft Transact 4.1 Workaround Guide
Page 0 Ephesoft Transact 4.1 Workaround Guide Extracting Meaning from Unstructured Content. Revision c Page 1 Table of Contents CONTENTS Workaround for broken throughput reports... 2 Importing Certificates
More informationEthical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities
Ethical Hacking and Countermeasures: Web Chapter 3 Web Application Vulnerabilities Objectives After completing this chapter, you should be able to: Understand the architecture of Web applications Understand
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationForeword by Katie Moussouris... Acknowledgments... xvii. Introduction...xix. Chapter 1: The Basics of Networking... 1
Brief Contents Foreword by Katie Moussouris.... xv Acknowledgments... xvii Introduction...xix Chapter 1: The Basics of Networking... 1 Chapter 2: Capturing Application Traffic... 11 Chapter 3: Network
More informationC1: Define Security Requirements
OWASP Top 10 Proactive Controls IEEE Top 10 Software Security Design Flaws OWASP Top 10 Vulnerabilities Mitigated OWASP Mobile Top 10 Vulnerabilities Mitigated C1: Define Security Requirements A security
More informationWeb Servers and Security
Web Servers and Security The Web is the most visible part of the net Two web servers Apache (open source) and Microsoft s IIS dominate the market Apache has 49%; IIS has 36% (source: http://news.netcraft.com/archives/2008/09/30/
More information01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED
01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED Contents 1. Introduction 3 2. Security Testing Methodologies 3 2.1 Internet Footprint Assessment 4 2.2 Infrastructure Assessments
More informationPenetration Testing following OWASP. Boyan Yanchev Chief Technology Ofcer Peter Dimkov IS Consultant
Penetration Testing following OWASP Boyan Yanchev Chief Technology Ofcer Peter Dimkov IS Consultant За Лирекс Penetration testing A method of compromising the security of a computer system or network by
More informationSecurity context. Technology. Solution highlights
Code42 CrashPlan Security Code42 CrashPlan provides continuous, automatic desktop and laptop backup. Our layered approach to security exceeds industry best practices and fulfills the enterprise need for
More informationAndroid App Development
Android App Development Course Contents: Android app development Course Benefit: You will learn how to Use Advance Features of Android with LIVE PROJECTS Original Fees: 15000 per student. Corporate Discount
More informationMost Common Security Threats (cont.)
Most Common Security Threats (cont.) Denial of service (DoS) attack Distributed denial of service (DDoS) attack Insider attacks. Any examples? Poorly designed software What is a zero-day vulnerability?
More informationClay Tablet Connector for Adobe Experience Manager. User Guide. Version 2.3.0
Clay Tablet Connector for Adobe Experience Manager User Guide Version 2.3.0 March 9, 2015 Copyright Copyright 2005-2015 Clay Tablet Technologies Inc. All rights reserved. All rights reserved. This document
More informationAndroid Internals and the Dalvik VM!
Android Internals and the Dalvik VM! Adam Champion, Andy Pyles, Boxuan Gu! Derived in part from presentations by Patrick Brady, Dan Bornstein, and Dan Morrill from Google (http://source.android.com/documentation)!
More information