01 - Introduction to Android App Hacking
In this post, I try to collect notes on penetration testing of Android applications.
These notes cover various techniques used to exploit Android applications, including technical recommendations that can be implemented. In addition, I also discuss solutions to various related CTF challenges.
0x1 - Table of Contents
A. Basic Programming
B. MASVS Resilience
1. Reverse Engineering
- REApp 0x1: RE with jadx
- REApp 0x2: RE with DEX Bytecode
- REApp 0x3: RE with Native Library
- REApp 0x4:- Obfuscation
- Obfuscating Android Code
2. Root Detection
- Rooting Device Realme 3 Pro
- Detecting Root and Bypassing Anti-Root Android Flutter App
- Detecting Root and Bypassing Anti-Root Android Kotlin App
3. Integrity Check
- Decompile & Patching APK
- Implementing Integrity Checks in Android Apps
4. Frida
- Frida-Labs 0x1: Frida setup, Hooking a method
- Frida-Labs 0x2: Calling a static method
- Frida-Labs 0x3: Changing the value of a variable
- Frida-Labs 0x4: Creating a class instance
- Frida-Labs 0x5: Invoking methods on an existing instance
- Frida-Labs 0x6: Invoking a method with an object argument
- Frida-Labs 0x7: Hooking the constructor
- Frida-Labs 0x8: Introduction to native hooking
- Frida-Labs 0x9: Changing the return value of a native function
- Frida-Labs 0xA: Calling a native function
- Frida-Labs 0xB: Patching instructions using X86Writer and ARM64Writer
- FridaLab Walkthrough
- Detecting Frida and Bypassing Anti-Frida Android Flutter App
- Detecting Frida and Bypassing Anti-Frida Android Kotlin App
C. Capture the Flag
1337UP 2023 - Intigriti:
- Memdump
- Fatcher
This post is licensed under CC BY 4.0 by the author.