| Track: | Misc |
|---|---|
| When: | Wed PM-3 |
| Where: | |
| Organizers | Carlos Holguera |
| Participants | Sven Schleier |
WHY
This all started because Google says that the keys used for encryption in Android are protected from extraction. We want to verify whether this is really true. You can read the statement here: https://developer.android.com/training/articles/keystore/#ExtractionPrevention
What
In this hands-on session we will go from the very basics of dynamic instrumentation with Frida to a more complex task: extracting cryptographic material from an app's process memory. We will practice this using the OMTG-Android App from the MSTG-Hacking Playground.
The APK can be found here: https://github.com/OWASP/MSTG-Hacking-Playground/tree/master/Android/OMTG-Android-App/app
You can download it and install it on your Android device.
Sadly it will only fully work on an Android 5 device because the app is using an old Android API for the encryption.
Outcomes
You can run Frida on your system and Android phone and have a basic understanding of it. You were able to extract some crypto keys... or not.
References
Please install Frida on your laptop (it’s easy! just pip it): https://www.frida.re/docs/installation/
Install Frida-server on your rooted Android device: https://www.frida.re/docs/android/
Register as participant
To register as a participant, add "Diving into mobile cryptography using dynamic instrumentation with Frida" to either:
- the sessions metadata field from your participant's page (find your participant page and look for the edit link)
- or the participants metadata field from this git session page