👾
General
  • 👾whomai
  • 🔥Mobile Pentest
    • 😎Android Architecture
    • 🥱Mobile Hacking Lab
      • IOT Connect
      • Strings
      • Guess me
      • Secure notes
      • Post Board
      • Food Store
      • Cycle Scanner
      • Document Viewer
      • Config Editor
  • 😇Web Vulnerabilities
    • 😁OS Command Injection
    • 😍Information disclosure
    • 🥰JWT attacks
    • 😎Access Control List
    • 😝CSRF
    • 😚SSRF
    • 😚API9:2023 Improper Inventory Management
  • 👻Privilege Escalation
    • 😎Linux Privilege Escalation
    • 😢Windows Privilege Escalation
  • HTB Writeups
    • 😚Soccer htb
    • 😃Devil HTB
Powered by GitBook
On this page
  • 💡 What is Android ?
  • what is Software Development Kit
  • Android OS Building Blocks :
  • Kernal layer
  • 1- Linux Kernel
  • Software layer :
  • 2- Hardware Abstraction Layer (HAL) :
  • 3- Native C/C++ Libraries :
  • 4- Android Run Time :
  • 5- Java API Framework
  • 6- security model :
  • 7- Permission Model :
  • 8- Privilege Separation :
  • 9- Compilation Process
  1. Mobile Pentest

Android Architecture

as i am currently studying android penetration testing, i wanted to share my experience with you as it might help

💡 What is Android ?

  • Linux based open source mobile platform

  • open source Develop by Google

  • Proprietary Components (GMS, Google Play Store) الملكيه

    • some Software and components of the Android OS that are owned and developed by Google

      • and are not part of the open-source Android such as (Gmail - Drive- Youtube )

      • بمعني اصح هي جزء من الاندرويد اللي بيتطور من جوجل بس مش جزء من الاندرويد ك اندرويد OS or Kernal

    • These components are licensed by Google to device manufacturers (Samsung ) to include them in their Android devices.

    • most prominent proprietary components of Android OS are Google Mobile Services (GMS) and the Google Play Store

    • بمعني اصح لو شركة جديدة عملت نوع فون جديد وليكن اسمه ayhaga ,, عشان بقي الفون الاندرويد ده يدخل جواه خدمات البلاي استور وجوجل بيروح بقي لشركة جوجل ويمضي عقودات وحاجات من دي ,, وده اللي بنسميه GMS

what is Software Development Kit

  • is a collection of software development tools that enables developers to create application for a specific platform or operating system & include libraries, APIs, debugging tools

  1. The Android SDK ⇒

    1. contain Android development kit it includes tools such as Android Studio and a lot of Tools like :

      • Integrated Development Environment (IDE) بيئة التطوير المتكاملة :

        • providing the necessary features and integrations to streamline the coding, debugging, and testing processes.

        • Android Debug Bridge (ADB) :

          • command-line tool included in the Android SDK that facilitates communication between a computer and an Android device.

          • perform various functions such as tracking system logs, uploading and downloading files, and installing application

        • and Emulator.

        • have a lot of APIS

  2. IOS SDK :

    1. it include and a lot of tools and resources for developing IOS applications for devices like : IPHONE - MAC , it

      • XCODE IDE ⇒ used for developing and testing IOS apps and how can use API

Android OS Building Blocks :

Kernal layer

1- Linux Kernel

  • The Linux kernel is a core component of the Android operating system.

  • The Android OS is built on top of the Linux kernel, which provides low-level hardware interactions and abstractions, such as device drivers, memory management , and process management .

  • It includes additional features and enhancements to support the Android software stack :

    • better performance and

    • battery life for mobile devices

    • hardware acceleration

    • low memory Handeling

  • the Android kernel also includes several Android-specific features , such as:

    1. Binder : its an kernal Interprocess work in (kernal layer) ⇒ to make a communication between 2 process in android ,,, زي لما اكون بلعب ومشغل اغاني

    2. Ashmem : A shared memory mechanism that is used to share memory between processes. بتقسم رامات الجهاز بين الابليكيشنز اللي شغاله

    3. Low Memory Killer (LMK): A mechanism that is used to free up memory when the system is running low on memory

      1. زي الرساله اللي بتيجي عشان امسح ال junk files والحاجات اللي مستخدمه الرام ونا مش بستخدمها

    4. Android Logger: A logging mechanism that is used to log system events and debug information بيسجل الايرورز اللي بتحصل من الابليكيشن واي ايرور بيحصل ف الفون عامة

Software layer :

2- Hardware Abstraction Layer (HAL) :

  • is a software layer in the Android operating system

  • provides an interface between the higher-level Android framework and the lower hardware components of a device.

  • HAL consists of a set of C/C++ libraries that define a standardized interface for each type

    • hardware component, such as the camera, audio, and graphics processing unit (GPU)

    • بتشتغل كوسيط بين الهاردوير (الأجهزة المادية) والسوفتوير (البرامج). الفكرة منها إنها تبسط التعامل مع المكونات المادية زي الكاميرا والبلوتوث والصوت وغيرها، وده بيسهل على المبرمجين إنهم يشتغلوا من غير ما يدخلوا في تفاصيل كل جهاز.

  • When an Android application needs to access a hardware component, it calls the relevant HAL library. The **HAL then communicates with the device driver**, which is responsible for communicating with the specific hardware component.

😃EX : Android need access camera ⇒ it call camera Hal library ⇒ then communicate with device driver for camera hardware

  • This abstraction layer shields the application developer from the details of the hardware implementation, providing a consistent interface across devices كانها طبقة سيكيوريتي عشان تمنع من اني اشوف ازاي الكاميرا بتشتغل واي الحاجات اللي بتعملها ف الهاردوير وغيره … زي مثال اني امنع mitm attack

    • such as protect the process data when access camera

3- Native C/C++ Libraries :

  • Android Native Development Kit (NDK) provides a set of native C/C++ libraries and tools that allow developers to write performance-critical parts of their application

  • it’s a libraries included in android OS , used by developers to provide high performance & low level functions (hardware)

  • designed to interact direct with device hardware like : camera , microphone , network card (WIFI - Bluetooth )

  • native code in android is java but we use this libraries to access critical parts (hardware) directly عشان نوفر وقت وجهد كبير

4- Android Run Time :

  • it’s a ****VM used by the Android OS to execute applications

    • first VM was Dalvik VM it work from Android 1.0 to 4.4 (KitKat

    • then they start use ART from Android 5.0 Lollipop

  • Android Studio compiled java code Apps into 2 types of Byte code :

    • DEX : apps that available in play store ,, used in dalvik from android 1 to 4.4 ,, after create will be app.dex

    • ODEX : Optimized DEX used in ART compilation , from android 5

  • ART uses ahead of time (AOT) compilation, ART compiles the code during the app installation process

    • make application faster when run , use low CPU , RAM عشان مش كل مره افتح الابب يقعد ياخد وقت ف انه يعمل compile code

  • ART offers improvements in terms of

  • have features like

    • garbage collection ⇒ reduce memory usage

    • performance, battery life, and security such as : sandbox to isolate app code from other apps (prevent unauthorized access)

  • Unlike Dalvik, which used just in time (JIT) compilation

    • it mean Dalvik work just when we start process

  • ART also includes a number of new features, such as improved garbage collection, which **reduces the amount of memory allocated to an application**, and support for the latest Java 8

  • Result of ART : This results in faster app startup times and less CPU usage, as the code is already compiled and ready to run

5- Java API Framework

  • is a set of libraries and classes provided by Android OS that developers can use to build Android applications using the Java programming language.

  • This framework provides a wide range of APIs , including those for user interface design, database management, networking, and multimedia processing

😄 components of the Java API Framework in Android include :

  • Activities :

    • These are the basic building blocks of an Android application and represent a single screen with a user interface (such as home screen whatsapp )

  • Views :

    • These are user interface elements such as buttons, text fields, and lists. ( button send message in whatsapp )

  • Intents :

    • These allow components of application to request actions from other components ( such as open chats the click status in whatsapp )

    • بمعني اصح رايح من اكتيفيتي ل اكتيفيتي زي لما بعمل لوجن بروح بعدها للهوم

    • او لما اكون فاتح شات وافتح الكاميرا من الشات

    • او اي حاجه جديده او اندبوينت او صفحه جديده

  • Content Providers:

    • These manage access to a structured set of data and allow applications to share data between 2 applications

    • زي مثلا ابليكيشن الرسايل بيبقي ليه اكسيس علي الارقام عشان اختار الرقم اللي هبعتله وهكذا .

    • من ناحية الثغرات : لما الاقي ابليكيشن بيشير داتا لابليكيشن تاني وانا قدرت اشوف حاجه مش مسموحلي اشوفها دي تبقي ثغره

  • Services:

    • These are components run in the background and perform long-running operations, ( such as playing music in spotify and open whats )

    • Broadcast Receivers :

      • These allow applications to receive system events, such as the battery low or a network connection being lost

6- security model :

  1. Application-level security:

    1. This layer is implemented within the application itself and is designed to protect the application's data and code from unauthorized access

    2. encrypting sensitive data, using secure communication protocols, implementing user authentication and authorization mechanisms, and using code obfuscation to make the application's code more difficult to reverse engineer

  2. Operating system-level security:

    1. implemented in operating system level and is designed to protect the device and its data from external threats such as malware and unauthorized access.

    2. measures include secure boot, SELinux (Security-Enhanced Linux) policies, sandboxing, and permissions management.

7- Permission Model :

  • mechanism that allows applications to request permission from the user before accessing sensitive data or performing certain actions on the device such as camera, contacts, and location

8- Privilege Separation :

  • security mechanism that make limits Privilege and access control for every component in application such as : user interface, data processing, and network communication,

  • goal of privilege separation is to minimize the risk of a security breach by limiting the access that any one component has to sensitive data or system resources

9- Compilation Process

  1. we have our own manifest file contain :

    1. Resources : we will use in our application

    2. Assets : (media : image - videos ,,,,, ) we will use in our application

  2. take manifest file with all contain to create package resource

  3. then we take the package resource (R) ⇒ to enter into compiler with source code + libraries to create ART (new version of dalvik ) then create classes.dex

  4. use classes.dex to create unsigned apk (beta version that we can run into emulator )

  5. we add sign key/signature to the unsigned apk to make sign apk then publish it

PreviousMobile PentestNextMobile Hacking Lab

Last updated 10 months ago

🔥
😎