Android Hacking : Reverse Engineering, Porn , Scam

The Android Series

Hi everyone !
Some of you may know that I started an Android Hacking series. The serie focus on Android Malware and Reverse engineering.
Since I started this guide, I search a lot on android malware and find some Good/Bad(Security improvement) news in this field.

The news Android 4.4+ Os are a little more secure from malware (Good to know that). Android application can’t start at boot if the user didn’t start the application once by clicking on the icon.

Old Android can rooted though these exploit and “Hacked” with :

How a Malware can gain access on my device ?

Scam, Phishing, Porn. This is the most common way malware propagate

The Mazare Bot malware, use one of the above method. The user receive an sms telling him to download the malware to be able to see an mms.

Some other malware ( Not only android ) use clickbait to propagate :

ex :
Facebook post : Leak nude of Emma watson, Cat killed by a man
You can imagine everything, you’ll just have to trick the user to click on the link.

Social engineering is a great technique for malware to propagate.

The Android Malware tutorial , that I’m writting will not help you to create a good malware.

My Android serie won’t cover :

How to make the perfect undetectable malware that will stay persistent and steal your mom’s money because your dad clicked on a bad link

However, I will cover some aspect that I can understand and apply.

Here is what I’m still learning for my Malware serie :

  • Stay persistent ( Yes, we will cover this aspect )
  • Find a way to hide the malware ( I didn’t figure how I can do it for the moment )
  • Connect to a server to receive command
  • check if the device is rooted
  • ( root the device )

What I can’t do :

  • rewritting the towelroot

#Why ?

This is really obscure for me to know how to rewrite an exploit. I’m still learning how to write exploit and understand common vulnerabilities ( Race Condition, Format String bug, Buffer overflow ). If you’re really interested in making malware, here how you can root a device from a malware.

  • Rewritting towelroot exploit and compile a binary
  • Lauch the towelroot apk from your malware

And here a little polls, My android series is not only on malware making. I will talk about RE of android app too.
I want your views on this serie.

How should I do the RE series

  • Simple Tutorial
  • Android CrackMe Challenge with solution to learn how it work

0 voters

~/// L3akM3-0day

16 Likes

Awesome!! Looking forward to it!

1 Like

Love it! Can’t wait!

Def wanna see how this plays out.