How To Pentest Android Application | Shadow Cyber Security
With such a big user base, any security issue could have a big negative impact. That is why penetration testing of Android applications is important, and it is also why Google has a bug bounty program where people can submit vulnerability reports on their most downloaded applications. The aim of the project was to assess the security of Android applications from the Google Play Security Reward Program by performing penetration tests on the applications.
A threat model of Android applications was made in which potential threats were identified. A choice was made to focus on the Spotify application for Android, where threats were given ratings based on the risks associated with them in the context of the Spotify application.
Penetration tests were then performed, with the testing depth determined by the ratings associated with the attacks.
1. Android OS
The Android operating system is based on a modified version of the Linux Kernel. The operating system is based on open source software and uses ARM for its hardware platform.
Things like hidden viruses with tracking abilities and/or data stealing could be very harmful to the system's users.
The OS is divided into five main layers: the Linux Kernel, Libraries, Android Runtime, Application Framework and the Application layer.
2. Android Application
Android applications can be written in Java, Kotlin or C++, and the Android SDK tools can be used to compile code and resources into an Android package, or APK for short.
The APK is an archive file containing all the contents of the application and is the file used to install applications on Android devices. The APK includes a classes.dex file with the source code classes compiled into the dex file format, which is understood by the Android Runtime.
There are four types of components in Android applications: Activities, Services, Broadcast Receivers and Content Providers.
3. Android Security Implementations
There are two levels of enforcement mechanisms for the protection of Android: one at the system level and one at the Inter-Component Communication (ICC) level. At the system level we have something called application sandboxing, where each application is assigned a unique user ID and is run as a separate process. So if, for instance, an application tries to read data from another application, this is prevented by the fact that the application does not have the right user privileges to read the data.
At the ICC level, the AndroidManifest.xml file contains information regarding the allowed communication that can take place between components. For example, if the exported attribute of a component is set to false, the component is private and only accessible within the application it originates from.
4. Methodology
The project started with a theory phase in which a lot of information about Android and its applications was gathered, as well as information about the thesis project itself, such as what methods to use throughout the project. This was a useful backbone when starting the next step of the project, which was threat modeling.
"Threat modeling is the use of abstractions to aid in thinking about risks," according to Shostack. It is meant to be a helpful tool for risk identification, so it is not about strictly following a guide but rather about using the methods that suit your own system and are actually of some use. That is why in this project a choice was made to combine different methods based on how they helped in the identification of threats to the Android applications.
5. System description of Spotify
The system under consideration is the Spotify application for Android. For those who are unfamiliar with Spotify, it is an application that offers music streaming to logged-in users.
As for the application itself, it uses Dagger for dependency injection. It uses GSON and Jackson for serialization and deserialization of objects. The application also uses comScore, Moat and Crashlytics for analytics. It uses Firebase for handling push notifications and Proguard for app obfuscation. The application features Bluetooth functions where you can remotely control song playback by linking your application to, for example, a speaker device or a car.
6. Penetration Testing
All applications on Android are to some extent subject to reverse engineering. The application files are stored in an APK on Android devices. This APK can be unzipped with a number of different tools on a computer. There is a classes.dex file which contains Dalvik bytecode, readable by the Android device but not readable by humans. The dex file can however be decompiled into something called smali code using a choice of tools on a computer.
With all that done, the code still will not be perfect and you would not be able to execute it. The code is however pretty readable, which works great for our purposes.
7. Man in the middle attack
Man in the middle attacks are done by the attacker inserting itself in the middle of the network where the user communicates with a server. This enables the attacker to look at the conversation as well as tamper with the requests from the user and the replies from the server.
There are different ways to prevent this type of attack. One example is using HTTPS instead of HTTP, where the data being sent is encrypted using, for example, TLS.
8. Look at the inner files of the Android device
Applications store data locally on the Android device. Included in this data is sensitive information such as usernames and passwords.
While the data is usually stored in a data folder in the application file system, which cannot be accessed without root access, there are several ways of bypassing this protection scheme. It is therefore important that the data is encrypted.
9. Database Attack
There are several choices of cloud databases for Android applications to use, as well as the possibility of using your own cloud database. One of the most common databases for Android applications is Google's Firebase. The Firebase platform includes 17 products used by more than 1.5 million applications.
There are options to determine who is allowed to read and write, and under which conditions. A lot of application developers have allowed reading and writing for everyone to make testing of the databases faster and easier, and some forget to change this when the application is released.
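A release check for rules left open to everyone can be automated. The following is an added example, not code from the original article or from Firebase; it assumes the JSON rules format of the Firebase Realtime Database, and the paths in the sample are constructed.

```python
import json

# Constructed sample of Firebase Realtime Database rules; paths are hypothetical.
SAMPLE_RULES = """
{
  "rules": {
    "playlists": {
      ".read": true,
      "$uid": { ".write": "auth != null && auth.uid == $uid" }
    },
    "debug": { ".read": "true", ".write": true },
    "users": {
      "$uid": { ".read": "auth.uid == $uid", ".write": "auth.uid == $uid" }
    }
  }
}
"""


def is_open(rule):
    """True when the rule grants access unconditionally."""
    return rule is True or (isinstance(rule, str) and rule.strip() == "true")


def find_open_rules(node, path="/"):
    """Walk the rules tree and return (path, operation) pairs open to everyone."""
    findings = []
    for key, value in node.items():
        if key in (".read", ".write"):
            if is_open(value):
                findings.append((path, key[1:]))
        elif isinstance(value, dict):
            findings.extend(find_open_rules(value, path + key + "/"))
    return findings


def audit_rules(rules_json):
    """Parse a rules document and list its unconditional grants, sorted."""
    return sorted(find_open_rules(json.loads(rules_json)["rules"]))


if __name__ == "__main__":
    for path, operation in audit_rules(SAMPLE_RULES):
        # A granting rule also applies to every child path beneath it.
        print(f"{operation} allowed for everyone at {path}")
```
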
10. Intent Injection attack
Android applications use intents to start Activities, Services and Broadcast Receivers. The Activities, Services and Broadcast Receivers an application uses are declared in AndroidManifest.xml; if the exported attribute is set to true, the component can be started by other, possibly malicious, applications. For security reasons an intent filter can be set to limit the forms of actions that can be taken, what type of data can be sent and what category the intent should be in.