Overview
Syllabus
About the Speaker
Android Build Process
Android Software Stack
Java Native Interface (JNI)
Why JNI?
Why Obfuscate Code?
Proguard Configuration
JNI EXAMPLE CODE
RE Time: Static Analysis!!
All eyes on the JNI Class!!
Make sure device is rooted
Step O: Make sure the application is debuggable.
Verify device is listed
List Debugable Processes
Verify that it is the correct PID
Forward Connection
Launch JDB
List Methods
Step 6: Break on method
RE Time: Dynamic Analysis!!
Retrieve APK and unzip its contents.
Create Directories
Pull System Libraries
Find the Applications Process ID
Move gdbserver on to the device.
Launch gdbserver on to the device.
Port Forward from computer to the device.
Launch arm-linux-androideabi gdb
Load Libraries and set target
RE Time: Dynamic Analysis Step 11: Set Remote Target
Set Breakpoints
Step Through and get results.
Why did obfuscation fail?
How do we solve this problem?
Solution 1: Register Natives
Problems with Solution 1?
Classes
Problems with Solution 2?
Suggestions