SPLOIT: Building Android Applications for Hackers : Part 1 : Introduction to Android.
Greetings my fellow aspiring hackers,
Huh :) . Its that part of the year when friends and family come together for reunions and family gathering. Christmas is the only time of the year where the sensation and desire to bond and repair lost and broken relationships becomes stronger. I want to take this opportunity to wish the Null Byte family / community a belated Merry Christmas and a Prosperous New Year in advance since I wouldn't be with you during these period.
Merry Christmas !! :) and Let's get to what the day holds for us. :(
Introduction To Smartphones
The world is contracting and becoming smaller with the growth of the mobile phone technology. Each passing day comes with the number of smartphone users increasing tremendously and with facilities for supporting the technology. The world began with the simple regular handsets which were used just for making phone calls, setting alarms, playing the snake game, F1 race, Sudoku. Now, Smartphones have changed our lives and have become a part of us. They are not just used for making calls anymore but now have innumerable and countless uses. Just to mention a few, they can be used as camera devices, music players, television controllers , web browsers and accessing web services, sending and receiving of online messages and network based messages, etc . Smartphones have become more than devices or tools or pieces of devices which we can use today and throw in the dustbin tomorrow, they have rather emerged as our secondary friends. We talk to them, do assignments, exercise with them, chat with them, play with them and do other tedious stuffs with them. Smartphones now have sophisticated functionalities that the human race never dreamed to achieve. You have the Smartphone and I don't need to address all its functionalities and effects it has on your life.
Why Develop for The Android Platform Or Android Smartphones ?
One would ask. Android is the world's most popular operating system for smartphones. Android Inc was founded in Palo Alto of California, U.S. by Andy Rubin, Rich miner, Nick sears and Chris White in 2003. Later, Android Inc. was acquired by Google in 2005. After original release there have been number of updates in the original version of Android. Modern smartphones are developed with Android as the stock operating and you might be wondering why big time gigantic companies would be manufacturing mobile phones with Android as their operating system.
Yeah you read it right, Android is open source. The term 'open source' sounds pretty familiar, doesn't it? Well, open-source means software with source codes and files available for modification and bound to an open source license agreement. This basically means companies including Samsung, HTC, LG, and other lesser-known brands produce their products with their own modifications and adjustments. That's why every Android device is different—each manufacturer likes to put its own spin on it. This saves them the headache and pain of writing their own operating system for their devices. They simply push Android to the core of their products.
But let's just think for a second, Should all these companies produce devices with Android as their operating system, then basically developing and exploiting a flaw in the Android operating system gives all these companies away and makes their lives miserable since they would have to come up with patches for their products.
Flaws like the stagefright always send these companies typing 1000 letters per second into their products since they wouldn't want their customers screaming at them.
- Stagefright - Stagefright is the nickname given to a potential exploit that lives fairly deep inside the Android operating system itself
Also, developing android apps makes the app run on any Android based system no matter the manufacturer or brand.
Also users of the android OS are increasing rapidly which calls for the exploration and exploitation of the android platform
Not Enough !!, Why Should I Still Develop for The Android Platform ?
Android users can download apps from the Play Store and also download applications developed by third party developers and use them. There are many games, application and widgets available on the market for users.
Android applications are written in java programming language. Android is available as open source for developers to develop applications which can be further used for selling in android market. There are around 200000 applications developed for android with over 3 billion+ downloads. Android relies on Linux version 2.6 for core system services such as security, memory management, process management, network stack, and driver model
As aspiring hackers, Having different and important skills is a must and should be part of the hacker culture since knowledge is power and without power, you are basically useless. As hackers, we are sometimes faced with situation where we need to compromise the individual smartphones since they contain troves of informations more than the Windows Registry. When the average individual handes over their phone to you, the max time you can spend with their phone is around 4 secs since they would want their phone back for other stuffs. Should the average individual be a target, you would have to install something which would be persistent and would allow you access to the victims phone after you have handed over the phone. The Metasploit community did us the honor of developing an android application. But, lets face it. No matter how many times you encode the application, Antivirus softwares always picks them up. The solution is basically to develop you own.
And that would be what the series would be about: Developing Android Applications.
What To Expect ?
- I am not going to teach you how to hack the individual smartphone.
- Social Engineering is the key to this series and all attacks depends on your creativity.
- We are going to develop applications for the Android Platform
- It would be irritating to a person who already has knowledge about Android Development since I am basically going to take my time to explain every stuff
- We would be accessing the phones functionalities and create web based services to handle the troves of data stolen from victim. I wouldn't actually say stolen because we would be working within the framework of Ethical Hacking.
- This series is going to be a very long and late one since my studies are still in progress and would end next year June. But I still promise to update during times like holidays and specific celebrations
My SideNote To New Users Of Null Byte
The community is growing bigger and bigger and I have to say, The problems are also growing bigger and bigger with large requests of help each passing minute. I want to say: I am very glad you joined the community and its always fun to have people to share and create new ideas. Welcome home and feel free to express yourself whenever you feel like but without disturbing others. Thanks for joining the community once again and am sorry for not welcoming you earlier at your arrival. Have a great stay.