My Account Log in

3 options

Android hacker's handbook / Joshua J Drake [and five others].

Ebook Central Academic Complete Available online

View online

Ebook Central College Complete Available online

View online

O'Reilly Online Learning: Academic/Public Library Edition Available online

View online
Format:
Book
Author/Creator:
Drake, Joshua J., author.
Language:
English
Subjects (All):
Application software--Development.
Application software.
Android (Electronic resource).
Physical Description:
1 online resource (577 p.)
Edition:
1st ed.
Place of Publication:
Indianapolis, Indiana : John Wiley & Sons, 2014.
Language Note:
English
Summary:
The first comprehensive guide to discovering and preventing attacks on the Android OS As the Android operating system continues to increase its share of the smartphone market, smartphone hacking remains a growing threat. Written by experts who rank among the world's foremost Android security researchers, this book presents vulnerability discovery, analysis, and exploitation tools for the good guys. Following a detailed explanation of how the Android OS works and its overall security architecture, the authors examine how vulnerabilities can be discovered and exploits developed for v
Contents:
Cover; Title Page; Copyright; Contents; Chapter 1 Looking at the Ecosystem; Understanding Android's Roots; Company History; Version History; Examining the Device Pool; Open Source, Mostly; Understanding Android Stakeholders; Google; Hardware Vendors; Carriers; Developers; Users; Grasping Ecosystem Complexities; Fragmentation; Compatibility; Update Issues; Security versus Openness; Public Disclosures; Summary; Chapter 2 Android Security Design and Architecture; Understanding Android System Architecture; Understanding Security Boundaries and Enforcement; Android's Sandbox; Android Permissions
Looking Closer at the LayersAndroid Applications; The Android Framework; The Dalvik Virtual Machine; User-Space Native Code; The Kernel; Complex Security, Complex Exploits; Summary; Chapter 3 Rooting Your Device; Understanding the Partition Layout; Determining the Partition Layout; Understanding the Boot Process; Accessing Download Mode; Locked and Unlocked Boot Loaders; Stock and Custom Recovery Images; Rooting with an Unlocked Boot Loader; Rooting with a Locked Boot Loader; Gaining Root on a Booted System; NAND Locks, Temporary Root, and Permanent Root; Persisting a Soft Root
History of Known AttacksKernel: Wunderbar/asroot; Recovery: Volez; Udev: Exploid; Adbd: RageAgainstTheCage; Zygote: Zimperlich and Zysploit; Ashmem: KillingInTheNameOf and psneuter; Vold: GingerBreak; PowerVR: levitator; Libsysutils: zergRush; Kernel: mempodroid; File Permission and Symbolic Link-Related Attacks; Adb Restore Race Condition; Exynos4: exynos-abuse; Diag: lit / diaggetroot; Summary; Chapter 4 Reviewing Application Security; Common Issues; App Permission Issues; Insecure Transmission of Sensitive Data; Insecure Data Storage; Information Leakage Through Logs
Unsecured IPC EndpointsCase Study: Mobile Security App; Profiling; Static Analysis; Dynamic Analysis; Attack; Case Study: SIP Client; Enter Drozer; Discovery; Snarfing; Injection; Summary; Chapter 5 Understanding Android's Attack Surface; An Attack Terminology Primer; Attack Vectors; Attack Surfaces; Classifying Attack Surfaces; Surface Properties; Classification Decisions; Remote Attack Surfaces; Networking Concepts; Networking Stacks; Exposed Network Services; Mobile Technologies; Client-side Attack Surface; Google Infrastructure; Physical Adjacency; Wireless Communications
Other TechnologiesLocal Attack Surfaces; Exploring the File System; Finding Other Local Attack Surfaces; Physical Attack Surfaces; Dismantling Devices; USB; Other Physical Attack Surfaces; Third-Party Modifications; Summary; Chapter 6 Finding Vulnerabilities with Fuzz Testing; Fuzzing Background; Identifying a Target; Crafting Malformed Inputs; Processing Inputs; Monitoring Results; Fuzzing on Android; Fuzzing Broadcast Receivers; Identifying a Target; Generating Inputs; Delivering Inputs; Monitoring Testing; Fuzzing Chrome for Android; Selecting a Technology to Target; Generating Inputs
Processing Inputs
Notes:
Description based upon print version of record.
Includes bibliographical references and index.
Description based on print version record.
ISBN:
9781118922255
1118922255
9781118608616
1118608615
OCLC:
875820167

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account