Overview
Explore advanced Android obfuscation techniques through runtime manipulation in this DEF CON 31 conference talk. Discover innovative methods for identifying manipulation targets within Android source code and learn to craft manipulators using native C++ and Java Native Interface (JNI). Gain insights into bypassing decompilers and emulators by altering standard application flow-of-control, including techniques to remove ClassLoader call traces typically required for Dalvik Executable (DEX) packing. Master the process of breaking cross-reference calculations in Android decompilers through practical demonstrations using a custom Android library for Android 13 devices. Follow along as the methodology for locating Java targets and modifying their native data structures is explained in detail, providing hands-on knowledge for runtime manipulation experimentation.
Syllabus
DEF CON 31 - Runtime Riddles - Abusing Manipulation Points in the Android Source - Laurie Kirk
Taught by
DEFCONConference