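【Preface】
I have spent many years developing security products, but my vulnerability analysis and research are still stuck where they were when I graduated from university. I plan to pick them back up and get something done. I am just starting out, so there is not much here yet; it all has to be built up bit by bit.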
【Android vulnerability analysis directions】
– App vulnerabilities
– Android kernel vulnerabilities
I won't say much about app vulnerabilities here.
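【The AOSP project】
AOSP, short for Android Open Source Project (http://source.android.com/), is the open source Android project led by Google. Android's huge success is closely tied to its openness, and open source is the clearest expression of that openness. Of course, because the code is open, the vulnerabilities in it can also be analyzed and verified easily.
【Building and running】
Just follow the official documentation step by step.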
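【Update 2017.3.10】
```
# The whole project comes to 56G once downloaded
counselors@f82c1f799245:~/cabin/WORKING_DIRECTORY$ du . -hs
56G	.
```
Downloading the source took a little under 2 days, and the connection often timed out and dropped, so here is a script that keeps syncing automatically until it completes.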
```bash
#!/bin/bash
# filename: fetch_src.sh
# author: counsellors
i=0                       # set counter to 0
while true                # loop until repo sync succeeds
do
    if repo sync          # re-run the sync; repo resumes where it stopped
    then
        # repo sync returned 0 - success
        echo "download over!" $i
        break             # terminate loop
    fi
    i=$((i+1))            # increment counter
    echo -en "$i \r"      # display the number of failed attempts so far
    sleep 5               # short pause between attempts (interval is an assumed value)
done
```
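【Devices supported by AOSP】
Once built, AOSP can run in the emulator, and you can then attach GDB to debug it. Anyone who has done Android development knows how slow the emulator is, so running on a real device is the first choice for anyone with the budget. The files built from AOSP cannot run on an ordinary phone; the drivers are probably not supported.
Don't bother trying to run it on Xiaomi, HTC or similar devices; it is a lot of effort for little return. This is where Google's own child, the Nexus, starts to shine. AOSP explicitly states that it can run directly on Nexus devices. For new AOSP versions, third-party ROMs have already lost at the starting line. Here is the list of models given on the official site.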
Codename | Device | Keys |
---|---|---|
marlin | Pixel XL | Press and hold Volume Down, then press and hold Power |
sailfish | Pixel | Press and hold Volume Down, then press and hold Power |
hikey | hikey | Link pins 1 - 2 and 5 - 6 of J15 |
angler | Nexus 6P | Press and hold Volume Down, then press and hold Power |
bullhead | Nexus 5X | Press and hold Volume Down, then press and hold Power |
shamu | Nexus 6 | Press and hold Volume Down, then press and hold Power |
fugu | Nexus Player | Press and hold Power |
volantis | Nexus 9 | Press and hold Volume Down, then press and hold Power |
hammerhead | Nexus 5 | Press and hold both Volume Up and Volume Down, then press and hold Power |
flo | Nexus 7 | Press and hold Volume Down, then press and hold Power |
deb | Nexus 7 3G | Press and hold Volume Down, then press and hold Power |
manta | Nexus 10 | Press and hold both Volume Up and Volume Down, then press and hold Power |
mako | Nexus 4 | Press and hold Volume Down, then press and hold Power |
grouper | Nexus 7 (2012) | Press and hold Volume Down, then press and hold Power |
tilapia | Nexus 7 3G (2012) | Press and hold Volume Down, then press and hold Power |
phantasm | Nexus Q | Power the device, cover it with one hand after the LEDs light up and until they turn red |
maguro | Galaxy Nexus GSM | Press and hold both Volume Up and Volume Down, then press and hold Power |
toro | Galaxy Nexus (Verizon) | Press and hold both Volume Up and Volume Down, then press and hold Power |
toroplus | Galaxy Nexus (Sprint) | Press and hold both Volume Up and Volume Down, then press and hold Power |
wingray | Motorola Xoom | Press and hold Volume Down, then press and hold Power |
crespo | Nexus S | Press and hold Volume Up, then press and hold Power |
crespo4g | Nexus S 4G | Press and hold Volume Up, then press and hold Power |
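【System patches】
Android publishes a bulletin of security vulnerabilities and patches once a month. This information is important: it lets you learn how the vulnerability behind a given CVE works as early as possible. Here is the link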
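
An added example, not part of the original post: once a bulletin names the security patch level that carries a fix, this script checks whether an AOSP tree or a device is at or past that level. It assumes the tree's level is read from `PLATFORM_SECURITY_PATCH` in `build/core/version_defaults.mk` (or from the `ro.build.version.security_patch` property on a device); the function names, the sample makefile text and the dates are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): does a tree or device already
# include the fixes of a given monthly bulletin?

# Constructed sample of the relevant part of build/core/version_defaults.mk.
SAMPLE_MK='ifndef PLATFORM_SECURITY_PATCH
  # Security patch level applied to this build.
  PLATFORM_SECURITY_PATCH := 2017-02-05
endif'

# tree_patch_level: read makefile text on stdin, print the first
# PLATFORM_SECURITY_PATCH value (YYYY-MM-DD), or nothing if it is absent.
tree_patch_level() {
    sed -n 's/^[[:space:]]*PLATFORM_SECURITY_PATCH[[:space:]]*:=[[:space:]]*\([0-9-]*\).*$/\1/p' | head -n 1
}

# valid_level LEVEL: succeed only for a string shaped like YYYY-MM-DD.
valid_level() {
    case $1 in
        [0-9][0-9][0-9][0-9]-[01][0-9]-[0-3][0-9]) return 0 ;;
        *) return 1 ;;
    esac
}

# check_level HAVE NEED: print "patched" when HAVE is at or after NEED,
# "unpatched" when it is older, "unknown" when either value is malformed.
check_level() {
    if ! valid_level "$1" || ! valid_level "$2"; then
        echo unknown
        return 0
    fi
    have=$(printf '%s' "$1" | tr -d '-')   # 2017-02-05 -> 20170205
    need=$(printf '%s' "$2" | tr -d '-')
    if [ "$have" -ge "$need" ]; then echo patched; else echo unpatched; fi
}

# Demo on the constructed sample. For a device, take HAVE from:
#   adb shell getprop ro.build.version.security_patch
level=$(printf '%s\n' "$SAMPLE_MK" | tree_patch_level)
echo "tree level: $level -> $(check_level "$level" 2017-03-05)"
```

A tree reported as "unpatched" for a bulletin's level is the one to keep when you want to study the pre-fix code next to the patched version.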