5 Hacking Mobile Platforms

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 21

Hacking Mobile Platforms

Terms:
Plethora of vectors

1. Malware
2. Data Storage
3. Social Engineering
4. SMS Phishing
5. Countermeasure

Attack vectors

1. Drive-by’s
2. Phishing
3. Connections
4. Come on and Get Physical – olivia newton John
5. Service this!
6. The application itself
II. Installing Android VM

Requirements
 Android x86 Project (Download the latest version .iso)
Steps:
1. Click the latest release

2. Click “https://osdn.net/rel/android-x86/Release%209.0”
3. Scroll down and download android-x86_64-9.0-r2.iso  (x64/x86 depends on the Operating
System)

 Oracle VM VirtualBox Manager

Setup steps:
1. Fill-out the needed information
Name: *Anything*
Type: Linux
Version: Linux 2.6 (64-bit)

2. Setup the RAM depend on the project needs


3. Select “Create a virtual hard disk now”, then “Create”

4. Select “VirtualBox Disk Image”


5. Select “Dynamically allocated” for the memory to grow as needed.
6. Select memory size: preferably the default.

7. Setup the .iso into the Storage Setting of the created VM.

8. Select the iso file the recently downloaded.

9. In the Network tab, set the following details.


Attached to: Bridge Adapter
Name: Altheros AR9271 Wireless Network Adapter

In advanced,
Adapter Type: PCnet-FAST III (Am79C673)
10. Run the Virtual Box, the select “Installation – Install Android-x86 to harddisk”

11. Click letter-c to select “Create/Modify partitions”

12. Then select “Yes” to setup GPT

13. Pres any key after, then “New”


14. Enter until it is created.

15. Select “Write”, then confirm it by typing “yes”, the “Quit”.


16. To confirm that the process is successful, it will show in the list.

17. Make sure that it is highlighted and then hit “Enter”.


Then Select “ext4”.
18. Answer the following:
Are you sure to format the partition sd1? “Yes”
Do you want to install bootloader GRUB? “Yes”
Do you want to convert it to NBR? “Yes”
Do you want to install system directory as read-write? “Yes”

19. Select “Reboot”, then remove the .iso attachment from the storage setting.

20. Also, on the Display tab, select the following:


Graphics Controller: VBoxSVGA
Acceleration: Enable 3d Acceleration
21. Start the VM
III. Android Architecture and Device
Layers in Android
1. Linux Kernel
2. Libraries
3. Runtime
4. Framework
5. Application

Security model of android


1. Normal Permission
2. Dangerous Permission
3. Signature Permission
4. SignitureOrSystem Permission

Application Modules
1. Activities
2. Content Providers
3. Services
4. Broadcast Receivers

Data Storage
1. NAND Flash
2. SD
3. Internal/External
- Encrypt the external because it is public and visible in all application.

Android Debug Bridge (ADB)


1. Remote Shell
2. Push/Pull
3. Logcat
4. Install

Rooting
1. Rooting elevates your privilege
2. Run specialized apps
3. Side-loading

Android Jargons
1. Bootloader
2. Kernel
3. Baseband
4. Recovery
5. Dalvik-Cache & ART
6. Download Mode
IV. Rooting Android

Resources:
https://forum.xda-developers.com/
https://highonandroid.com/

Reference:
Unlocking Bootloader
Installing TWRP and Rooting with Fastboot

Unlocking Bootloader Steps: ***WARNING: It will format your phone! But external is not included***
1. On Android, set your device into “Developer Mode”.

2. Go to Developer Option, then turn on “USB Debugging Mode”.

3. Download Fastboot and Android USB Driver


Fastboot Link: Click Here!
USB Driver Link: Click Here!

4. Then install the Driver, unzip the Fastboot, and then plug your phone into the computer.

5. In device manager, under your phone device, you will see the name of the driver ex Samsung
ADB Interface.

6. Open Command Prompt


$ cd Downloads
$ cd fastboot <or locate where you unzip Fastboot folder>
$ adb reboot bootloader <your phone will be loaded to bootloader screen>
$ fastboot oem unlock <or $ fastboot flashing unlock, if not working>

7. Your phone will be loaded to bootloader menu (click “Start” if not), and it will wipe-out all the
data in your phone.
Once done, the phone will be restarted automatically and proceed to setup.

Install TWRP Recovery and Root with Magisk using Fastboot Steps:
1. First, make sure that you have TWRP recovery available for your phone.
If none, these steps will not work, find another TWRP recovery for your phone.

2. Note the model number of your phone.

3. Go to TWRP website: Click Here!


Search your device and download the latest version of twp*.img and/or twrp*.zip/.tar
4. The .zip file is existed in new devices like pixel devices to flash the installer.

5. Open the bootloader of your phone (you may use the steps above), and go to “Download Mode”

6. Download Magisk (installer, uninstaller & manager) & SuperSU & No Verify Opt Encrypt (Link:
Click Here!

7. Open Command Prompt:


$ cd Downloads
$ cd fastboot <or locate where you unzip Fastboot folder copy there the .img/.zip/.tar files>
$ fastboot flash recovery twrp*.img <flashing recovery image to recovery partition>

In newer phone with .zip/.tar,


$ fastboot boo twrp*.img

8. On your phone, go to “Recovery Mode”.

9. Copy the Magisk & SuperSU and No Verify Opt Encrypt to your internal storage.

10. On your phone, click “Install” click No Verify Encrypt the swipe to install, after that click
“Reboot” and choose “Recovery”
Same goes with Magisk installer and uninstaller.

In newer phone,
Install .zip/.tar first before Magisk.

11. Setup your phone, the you will see Magisk app in your app list.

Install Custom ROM using TWRP Recovery Steps:


1. Boot your phone to TWRP Recovery
2. Copy the .zip ROM File to your phone internal storage.
3. On your phone, go to “Install”, the click the .zip ROM file and Reboot the phone.
4. Setup your phone,

V. Using Odin
VI. Attacks
Type of attacks
1. Network Attacks
2. NFC Attacks
3. NFC Relay Attacks
4. Data Leakage
5.

You might also like