Android Tamper Detection Workshop


Learn how to implement and reverse engineer common tamper detection and attestation techniques

Mastering Android Application Reverse Engineering

APK Static Analysis

By the end of this course you’ll be able to develop simple Android applications, reverse Android applications to both Java and SMALI, and apply other techniques to your reverse engineering efforts such as patching.

Patching Android Applications and SMALI

This course also focuses on patching: statically altering an Android application before runtime to change how the program executes. This can include modifying variables, function calls, and classes. In this course we’ll use patching to circumvent tamper detection and attestation techniques.

Android Tamper Detection and Attestation Techniques

This course has a specific focus on understanding, utilizing, and subverting tamper detection and attestation techniques. These techniques are used by banks, online games, and streaming services to reduce the chance of their applications running on compromised (e.g. rooted) devices.

“The workshop covered a good range of topics for beginner and experienced Android researchers. I personally got a lot from his coverage of SMALI, and how to modify SMALI to patch an APK.”

 

 

Requirements

An understanding of programming techniques is needed; however, no upfront knowledge of Android or Java is required. You will also need the following tools: APKTool, Android Studio, and Jadx.

 

Who Is This Workshop For

  • People interested in developing their skills in Android application reverse engineering.
  • People interested in learning more about Android application tamper protection and attestation.
  • People new to patching Android applications using SMALI.

 

Resources

Below are helpful resources for completing the workshop, including recordings, workbooks, and code snippets.

Workshop Workbook

A copy of installation instructions, handy tips, and how-to’s for the tools we’ll be using in the workshop. Slide packs for my various talks on the subject can also be found here.

 

Previous Recordings

If you missed a part of the workshop, or want to go back over a part you found interesting or need more practice on, you can find a past recording on Udemy here.

 

Runic Java Application Demo

An Android application, designed to serve as a parallel for understanding more complex tamper detection and integrity systems such as Google Play SafetyNet and Huawei Safety Detect.

Useful Commands

Unbundle and disassemble an APK to SMALI

apktool.bat d .\app-debug.apk

Build an APK

apktool b .\app-debug 

Zip align the built apk

zipalign.exe -p -v 4 [project_root]\app\build\outputs\apk\debug\app-debug\dist\app-debug.apk aligned.apk 

Sign the APK – default password ‘android’

apksigner.bat sign --ks C:\Users\[username]\.android\debug.keystore .\aligned.apk

Install the APK

adb install .\aligned.apk
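
Re-signing with the debug keystore, as in the steps above, changes the APK's signing certificate, and that is the property a basic in-app tamper check inspects. The following is an added example, not code from the workshop or the Runic demo; the class name SignerCheck and the pinned digest placeholder are assumptions, and it targets API 28 and later.

```java
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.content.pm.SigningInfo;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

/** Hypothetical helper: compares the installed APK's signer with a pinned certificate digest. */
public final class SignerCheck {
    // Placeholder (assumption): lowercase hex SHA-256 of the release certificate, DER-encoded.
    private static final String EXPECTED_CERT_SHA256 = "<release-cert-sha256-hex>";

    private SignerCheck() {}

    /** Returns true only when the APK has exactly one signer and it matches the pin. */
    public static boolean isSignedWithReleaseKey(Context ctx) {
        try {
            PackageInfo info = ctx.getPackageManager().getPackageInfo(
                    ctx.getPackageName(), PackageManager.GET_SIGNING_CERTIFICATES);
            SigningInfo signing = info.signingInfo;
            // Fail closed: missing signing info or several signers is treated as tampered.
            // Assumption: the release build is signed by a single key.
            if (signing == null || signing.hasMultipleSigners()) {
                return false;
            }
            Signature[] signers = signing.getApkContentsSigners();
            if (signers == null || signers.length != 1) {
                return false;
            }
            return EXPECTED_CERT_SHA256.equals(sha256Hex(signers[0].toByteArray()));
        } catch (PackageManager.NameNotFoundException | NoSuchAlgorithmException e) {
            return false; // any lookup or hashing failure counts as a failed check
        }
    }

    /** Lowercase hex SHA-256 of the certificate bytes. */
    private static String sha256Hex(byte[] cert) throws NoSuchAlgorithmException {
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert);
        StringBuilder hex = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            hex.append(String.format("%02x", b));
        }
        return hex.toString();
    }
}
```

Because this check ships inside the APK, it can be patched out in SMALI like any other method. That limitation is why services such as Google Play SafetyNet and Huawei Safety Detect, mentioned above, have the verdict evaluated off the device.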