Showing posts with label adb. Show all posts

Thursday, 14 June 2012

How safe is your Android device

Hi guys this is yash aka yinsain again with a duly awaited post.

THIS IS FOR EDUCATIONAL PURPOSES, I STAND NO INVOLVEMENT IN WHAT YOU DO WITH THE INFORMATION PROVIDED.

Nowadays most of the people around us are in favour of using an Android device as their smartphone; well, after all, it's a smart choice too.

The first thing that people think of while using a smartphone is staying online and updated.
But how safe is it? People are scribbling down their credentials on this tiny device to stay in contact, but till date nothing has changed: every app or even a system requires a lookup file to authenticate whether the true user is there or not.

Passwords are still the strongest and the weakest security link in the whole infosec thing.

Whenever even a kid hears about hacking, the first thing that comes to his/her heart is the password of an email id. Well, here I will show you how to get into one without using a password.

So we will focus this post on the same, and then we will blend into other security aspects of what can be risky and what can't.

Two possible scenarios are there:
--> Either you have a brand new phone, or a phone that you use as a casual guy, nothing hardcore or test-head, and by mistake you install a malicious apk that roots your phone for gaining privileges. This is how most of these things work.
The infamous GINGERBREAK exploit created chaos because of it being used in other malicious apks.

--> Or you might have a rooted phone like me, one that you rooted for your experiments.

But how aware are you of all the possible dangerous factors?

So let's start with a rooted phone, because in both of the cases above the end point is this only.

I will be using my real phone only, no emulator, to show this, so in this post my details will be visible.

Let's plug this phone in debugging mode and spawn the shell.



The layout is pretty standard.

Now let's move towards the attractive folder, data, and then again into the data folder inside it.



Now issue the ls command; it will show you a long list of installed apks' data folders.



Now we can easily navigate to the folder of our desired app.

Our grapes reside inside the com.google.android.gm folder, so go into that and then into databases, and again issue the ls command.

As you can see, my email id is there in a folder name.

But the useful db file is downloads.db for Android 2.1, and for my specific CyanogenMod 7 RC2 it's mailstore.ydeep18@gmail.com.db. We will copy that out to the sdcard for further inspection.

cp  mailstore.ydeep18@gmail.com.db /sdcard



As this phone is rooted, no access denied problem will be there, just like it won't be a problem for any attacker who has gained a root shell on your device.


Now we have our db file, so how to open it? Well, I did this while I was in Kota in a hostel, so I had no PC around me for a year, and I downloaded an app on my phone only to perform this.
APP :: aSQLiteManager


Let's start first with the phone,
so open up your aSQLiteManager.






Open the db file, the mailstore one.



Select whichever you wanna view, but I know the juicy one is messages, so let's open that.


And with all your guts, click on data to know the truth....



And there it is, all your synchronised email. Now say, who needs a password?
And it continues as you keep scrolling sideways.




As you can see, how lethal this can be.

PREVENTIONS
:: please check permissions needed by your application before installing
:: never leave your phone unattended. This works 90% of the time.
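
A check to go with the preventions above, as an added example that is not part of the original post: it audits a saved `getprop` dump for the two conditions this post combines, Android debugging switched on and root available. The property names (init.svc.adbd, ro.secure, ro.debuggable) are standard Android system properties, the su paths are the usual locations, and both sample dumps are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. Inputs come from your own device:
#   adb shell getprop > props.txt
#   adb shell ls /system/bin/su /system/xbin/su > su.txt

# Print one property value from getprop-format text: "[key]: [value]".
prop() {  # $1 = dump text, $2 = property name
    printf '%s\n' "$1" | tr -d '\r' |
        awk -v k="[$2]:" '$1 == k { sub(/^[^ ]+ \[/, ""); sub(/\]$/, ""); print; exit }'
}

# Print one finding per line, then a verdict line.
audit_device() {  # $1 = getprop dump, $2 = ls output for the su paths (may be empty)
    adb_on=0; root_on=0
    if [ "$(prop "$1" init.svc.adbd)" = "running" ]; then
        adb_on=1; echo "ADB: adbd is running (Android debugging is enabled)"
    fi
    if [ "$(prop "$1" ro.secure)" = "0" ]; then
        root_on=1; echo "ROOT: ro.secure=0, adbd keeps root privileges"
    fi
    if [ "$(prop "$1" ro.debuggable)" = "1" ]; then
        root_on=1; echo "ROOT: ro.debuggable=1, adbd can be restarted as root"
    fi
    if printf '%s\n' "$2" | tr -d '\r' | grep -q '/su$'; then
        root_on=1; echo "ROOT: su binary present"
    fi
    if [ "$adb_on" = 1 ] && [ "$root_on" = 1 ]; then
        echo "VERDICT: exposed, /data/data is readable over USB"
    elif [ "$adb_on" = 1 ] || [ "$root_on" = 1 ]; then
        echo "VERDICT: partial, one of the two conditions holds"
    else
        echo "VERDICT: ok"
    fi
}

# Constructed sample dumps (not taken from a real device).
ROOTED_PROPS='[init.svc.adbd]: [running]
[ro.debuggable]: [1]
[ro.secure]: [0]'
STOCK_PROPS='[init.svc.adbd]: [stopped]
[ro.debuggable]: [0]
[ro.secure]: [1]'

audit_device "$ROOTED_PROPS" "/system/xbin/su"
audit_device "$STOCK_PROPS" ""
```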

I will soon post other stuff for android forensics

Thanks for reading
B-)



Setting up your android tools ;]

Guys, I'm again informing you that this is not a tutorial for development; the only things covered in this post will be about setting up your Android tools.
Further posts may dig even deeper into Android forensics.

So before even starting with your setup, you should first decide on your platform. I would recommend a Mac or a Linux box, and this tutorial follows the same. But Windows guys, don't feel bad: comment below and I will respond with solutions and help.

So guys, if you are familiar with Linux then it's a plus point; if you aren't, it's not a major issue either, you can catch up any time you want. Download an ISO of a Linux distribution of your preference. I would recommend Ubuntu, it's a bit rookie friendly.
Here's the link: download
These distros are available in live CD format, but you will require a system with the installation done, because you want your changes to be persistent.

Daring new guys can surely install it on a system, but if you are scared of blowing away your close-to-your-heart Windows installation, then virtualization solutions are always present.

You can try out VirtualBox or VMware Player; both are excellent.

I won't be guiding you through a Linux installation, so google it.

So, let's assume you now have a working Linux distribution on a disk or virtually, or maybe you are on the classier side and giving a smirk with a Mac.
But Mac guys, take care and check out the documentation, because I'm not helping.

Linux guys, now fire up your terminal.
If you are on an older version of Ubuntu, say before 11.04, then you are probably on the GNOME 2 environment, so go to Applications; under Accessories or System Tools there will be Terminal. On a newer distro, just hit your Windows key and type in terminal, and it will be there.


So you have your terminal opened up.

Now let's resolve the dependencies required to run our SDK.

----------------------------------------------------------------------------------------------------
 
apt-get install default-jre

and if you are on a 64-bit machine like me, then also

apt-get install ia32-libs
------------------------------------------------------------------------
 

Now we require our SDK.
You can get it from

http://developer.android.com/sdk/index.html

As we are working on Linux, fetch the required tar file and place it in a folder of your choice.

Usually additional installations are done under the /opt directory, but feel free to put it anywhere. For the rest of the post I will be keeping it in /opt.

Gain the required privileges for that folder and continue to extract it.

For newbies: please just right click and follow it.
For guys who are comfortable and wanna learn, do this:
----------------------------------------------------------------------------------------------------------------
Reach your directory and do

tar zxvf android-sdk_r18-linux.tgz

The number after r may vary for you, depending on when you are viewing this.
-----------------------------------------------------------------------------------------------------------------

Now cd into the directory and issue the ls command.

Now some of the sub-directories are visible.
The first and most important utility required is adb, but unfortunately it has been shifted to the platform-tools folder, which means we have to download it.
For that, go into the tools directory and enter ./android.

Another screen will pop up showing a GUI like this; select Android platform tools and then click on install package.

Let it download the required package.

After it's done, go back to the upper directory, then into platform-tools, and issue the ls command.





So here we are; two of the most important tools that we require are here:
adb and fastboot.

Now you can issue the command ./adb devices, but no devices will be shown if none is connected in debugging mode.




Here is how you can put your Android in debugging mode: go to settings/application/development and then select Android debugging.



So now your device is ready.
Now try again; it should show it now.


Now you can issue the ./adb shell command too; as it's the only device connected, it will drop into its shell only.
Now it's up to you how you explore it.


And we have the Android shell..
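
A quick way to verify the setup steps above, as an added example that is not part of the original post: it checks that adb and fastboot are present under platform-tools and classifies the output of ./adb devices. The default SDK path /opt/android-sdk-linux is an assumption based on the post's /opt choice, and the device serials used in testing are constructed.

```shell
#!/bin/sh
# Added example, not from the original post: post-install check for the SDK setup.

# Print the name of each tool that is missing or not executable under $1/platform-tools.
missing_tools() {  # $1 = SDK root directory
    for t in adb fastboot; do
        [ -x "$1/platform-tools/$t" ] || echo "$t"
    done
    return 0
}

# Classify `adb devices` output read from stdin.
device_status() {
    tr -d '\r' | awk '
        /^\*/ || /^List of devices/ || NF < 2 { next }  # daemon notices, header, blanks
        $2 == "device" { ready++; next }
        { other++ }                                      # for example: offline
        END {
            if (ready == 1)      print "ready"       # adb shell will pick this device
            else if (ready > 1)  print "multiple"    # adb shell then needs -s SERIAL
            else if (other > 0)  print "not-ready"   # replug the cable and retry
            else                 print "none"        # enable Android debugging first
        }'
}

# Assumed install location; override with SDK_DIR=/your/path
SDK_DIR=${SDK_DIR:-/opt/android-sdk-linux}
if [ -x "$SDK_DIR/platform-tools/adb" ]; then
    "$SDK_DIR/platform-tools/adb" devices | device_status
else
    echo "missing under $SDK_DIR/platform-tools: $(missing_tools "$SDK_DIR" | tr '\n' ' ')"
fi
```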


Please do follow; the next post regarding Android will go into forensics of its filesystem.

Thanks for reading
B-)