You are previewing Android Hacker's Handbook.
O'Reilly logo
Android Hacker's Handbook

Book Description

The first comprehensive guide to discovering and preventing attacks on the Android OS

As the Android operating system continues to increase its share of the smartphone market, smartphone hacking remains a growing threat. Written by experts who rank among the world's foremost Android security researchers, this book presents vulnerability discovery, analysis, and exploitation tools for the good guys. Following a detailed explanation of how the Android OS works and its overall security architecture, the authors examine how vulnerabilities can be discovered and exploits developed for various system components, preparing you to defend against them.

If you are a mobile device administrator, security researcher, Android app developer, or consultant responsible for evaluating Android security, you will find this guide is essential to your toolbox.

  • A crack team of leading Android security researchers explain Android security risks, security design and architecture, rooting, fuzz testing, and vulnerability analysis
  • Covers Android application building blocks and security as well as debugging and auditing Android apps
  • Prepares mobile device administrators, security researchers, Android app developers, and security consultants to defend Android systems against attack
Android Hacker's Handbook is the first comprehensive resource for IT professionals charged with smartphone security.

Table of Contents

  1. Cover
  2. Chapter 1: Looking at the Ecosystem
    1. Understanding Android's Roots
    2. Understanding Android Stakeholders
    3. Grasping Ecosystem Complexities
    4. Summary
  3. Chapter 2: Android Security Design and Architecture
    1. Understanding Android System Architecture
    2. Understanding Security Boundaries and Enforcement
    3. Looking Closer at the Layers
    4. Complex Security, Complex Exploits
    5. Summary
  4. Chapter 3: Rooting Your Device
    1. Understanding the Partition Layout
    2. Understanding the Boot Process
    3. Locked and Unlocked Boot Loaders
    4. Rooting with an Unlocked Boot Loader
    5. Rooting with a Locked Boot Loader
    6. History of Known Attacks
    7. Summary
  5. Chapter 4: Reviewing Application Security
    1. Common Issues
    2. Case Study: Mobile Security App
    3. Case Study: SIP Client
    4. Summary
  6. Chapter 5: Understanding Android's Attack Surface
    1. An Attack Terminology Primer
    2. Classifying Attack Surfaces
    3. Remote Attack Surfaces
    4. Physical Adjacency
    5. Local Attack Surfaces
    6. Physical Attack Surfaces
    7. Third-Party Modifications
    8. Summary
  7. Chapter 6: Finding Vulnerabilities with Fuzz Testing
    1. Fuzzing Background
    2. Fuzzing on Android
    3. Fuzzing Broadcast Receivers
    4. Fuzzing Chrome for Android
    5. Fuzzing the USB Attack Surface
    6. Summary
  8. Chapter 7: Debugging and Analyzing Vulnerabilities
    1. Getting All Available Information
    2. Choosing a Toolchain
    3. Debugging with Crash Dumps
    4. Remote Debugging
    5. Debugging Dalvik Code
    6. Debugging Native Code
    7. Debugging Mixed Code
    8. Alternative Debugging Techniques
    9. Vulnerability Analysis
    10. Summary
  9. Chapter 8: Exploiting User Space Software
    1. Memory Corruption Basics
    2. A History of Public Exploits
    3. Exploiting the Android Browser
    4. Summary
  10. Chapter 9: Return Oriented Programming
    1. History and Motivation
    2. Basics of ROP on ARM
    3. Case Study: Android 4.0.1 Linker
    4. Summary
  11. Chapter 10: Hacking and Attacking the Kernel
    1. Android's Linux Kernel
    2. Extracting Kernels
    3. Running Custom Kernel Code
    4. Debugging the Kernel
    5. Exploiting the Kernel
    6. Summary
  12. Chapter 11: Attacking the Radio Interface Layer
    1. Introduction to the RIL
    2. Short Message Service (SMS)
    3. Interacting with the Modem
    4. Summary
  13. Chapter 12: Exploit Mitigations
    1. Classifying Mitigations
    2. Code Signing
    3. Hardening the Heap
    4. Protecting Against Integer Overflows
    5. Preventing Data Execution
    6. Address Space Layout Randomization
    7. Protecting the Stack
    8. Format String Protections
    9. Read-Only Relocations
    10. Sandboxing
    11. Fortifying Source Code
    12. Access Control Mechanisms
    13. Protecting the Kernel
    14. Other Hardening Measures
    15. Summary of Exploit Mitigations
    16. Disabling Mitigation Features
    17. Overcoming Exploit Mitigations
    18. Looking to the Future
    19. Summary
  14. Chapter 13: Hardware Attacks
    1. Interfacing with Hardware Devices
    2. Identifying Components
    3. Intercepting, Monitoring, and Injecting Data
    4. Stealing Secrets and Firmware
    5. Pitfalls
    6. Summary
  15. Appendix A: Tool Catalog
    1. Development Tools
    2. Firmware Extraction and Flashing Tools
    3. Native Android Tools
    4. Hooking and Instrumentation Tools
    5. Static Analysis Tools
    6. Application Testing Tools
    7. Hardware Hacking Tools
  16. Appendix B: Open Source Repositories
    1. Google
    2. SoC Manufacturers
    3. OEMs
    4. Upstream Sources
    5. Others
  17. Appendix C: References
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
    8. Chapter 8
    9. Chapter 9
    10. Chapter 10
    11. Chapter 11
    12. Chapter 12
    13. Chapter 13
    14. General References
  18. Introduction
    1. Overview of the Book and Technology
    2. How This Book Is Organized
    3. Who Should Read This Book
    4. Tools You Will Need
    5. What's on the Website
    6. Bon Voyage
  19. End User License Agreement