Mobile
7/15/2014
02:45 PM

Tapping Into A Homemade Android Army

Black Hat speaker will detail how security researchers can expedite their work across numerous Android devices at once.

In the Android development world, fragmentation has been the bane of the typical app coder's existence for as long as the platform has been running devices. With so many different devices to account for, it's difficult to troubleshoot and ensure apps run uniformly across them. That same frustration is actually amplified in mobile security research, because as white hat hackers dive under the hood of Android devices they find that not only do different devices behave differently, but sometimes even devices advertised under the same name may sport different processors and totally different architectures.

"Each device is kind of like a unique snowflake," says Joshua Drake, director of research science at Accuvant Labs. "Even if we both had a Samsung Galaxy S3, and, say, you had one from Verizon and I had one unlocked, those phones are almost completely different on the inside. Samsung makes the processor for the unlocked one, and Qualcomm's processor runs Verizon's. That core of a change will change a lot of things."

Consequently, understanding how certain vulnerabilities may cut across devices and manufacturers becomes a very difficult nut to crack -- or, at the very least, requires a long nut-cracking process. However, at Black Hat USA next month Drake plans to help the security community save time and focus on finding bugs and reaching other important security conclusions by building what he terms a homemade "Android Army." His talk will discuss how a simple hardware hack, combined with an open-source toolkit he's been refining, can make it easier for researchers to scale their exploration across many different devices at once.

Drake came up with the idea as he was writing and researching the Android Hacker's Handbook. As he explains, the typical way a researcher interacts with an Android device is through the device hooked up via USB and the Android Debug Bridge (ADB) running on a PC.

"That tool works fine, but it is not really designed to be one where you're operating on lots of devices," he says. "I thought to myself: Wouldn't it be great if I could somehow have ADB but add in this extra layer of something that will run across a whole bunch of devices?"

And so, Drake figured out the most expeditious way to nest together multiple USB ports to get dozens of devices running on a PC at once and started working on the scripts that would eventually make up what he calls the Android Cluster Toolkit. Already available as an open-source project, the toolkit lets the user identify devices hooked into a computer by human-friendly names rather than long serial codes, and also run commands on multiple devices at once. Drake says he personally has built up a cluster of about 55 devices but that it is possible for a researcher to cram up to 127 devices at once on a single PC's root USB hub.

"It can be helpful, not just if you are auditing and looking through some source code and trying to connect that to real devices, but also if there has been a vulnerability that's already been identified and disclosed -- then you can quickly get an idea of which devices out there are actually affected. Most of what the software part of this toolkit was designed to do was to help me find a way to type less and get more done."
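
The two ideas described above, friendly names in place of serials and one command fanned out to every attached device, can be sketched with stock `adb`. This is an added example, not code from the Android Cluster Toolkit; the serial numbers, the `NAMES` table and the function names are assumptions made for illustration.

```python
import subprocess

# Constructed sample of `adb devices -l` output (serials are made up).
SAMPLE_ADB_DEVICES = """\
List of devices attached
0123456789ABCDEF       device usb:1-1.2 product:d2vzw model:SCH_I535 device:d2vzw
FEDCBA9876543210       device usb:1-1.3 product:m0xx model:GT_I9300 device:m0
00aa11bb22cc33dd       unauthorized usb:1-1.4
"""

# Hypothetical friendly-name table, maintained by hand by the researcher.
NAMES = {
    "0123456789ABCDEF": "sgs3-verizon",
    "FEDCBA9876543210": "sgs3-unlocked",
}

def parse_devices(text):
    """Return {serial: state} parsed from `adb devices -l` output."""
    devices = {}
    for line in text.splitlines():
        parts = line.split()
        # Skip blanks, the header line and adb daemon status lines.
        if len(parts) < 2 or line.startswith(("List of", "* ")):
            continue
        devices[parts[0]] = parts[1]
    return devices

def adb_run(serial, args):
    """Run one adb command against one device and return its stdout."""
    out = subprocess.run(["adb", "-s", serial, *args],
                         capture_output=True, text=True, timeout=30)
    return out.stdout.strip()

def run_on_all(devices_text, args, runner=adb_run, names=NAMES):
    """Fan a command out to every ready device, keyed by friendly name."""
    results, skipped = {}, {}
    for serial, state in parse_devices(devices_text).items():
        name = names.get(serial, serial)  # fall back to the raw serial
        if state != "device":             # e.g. offline or unauthorized
            skipped[name] = state
            continue
        results[name] = runner(serial, args)
    return results, skipped

if __name__ == "__main__":
    listing = subprocess.run(["adb", "devices", "-l"],
                             capture_output=True, text=True).stdout
    ok, skipped = run_on_all(listing, ["shell", "getprop", "ro.build.fingerprint"])
    for name, value in sorted(ok.items()):
        print(f"{name:20} {value}")
    for name, state in sorted(skipped.items()):
        print(f"{name:20} <skipped: {state}>")
```

Collecting the build fingerprint from every device gives a quick inventory to compare against the affected builds listed in an advisory.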

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.

Comments
William L. Lind,
User Rank: Apprentice
7/22/2014 | 6:52:51 AM
Re: Helpful.
Tapping into a homemade android army, as it helps to perform most of the works what we want to perform via our laptop or PC. The top essays services provide the best services for the students who are seeking their essay writing help.
Robert McDougal,
User Rank: Ninja
7/18/2014 | 11:00:31 AM
Helpful.
While this will make it easier to look at multiple androids at one time, it will not make it any easier to standardize the android platform. Each device will remain an individual "snowflake".

What we really need is industry standards for Android that the big players obey.