【題記】
做了很多年安全産品開發,漏洞分析與研究都停留在大學畢業那會兒。準備拾起來,搞點事情。剛剛開始,東西不多,都得一點點積累。
【Android漏洞分析方向】
–App漏洞
–Android核心漏洞
這裡就不多說App的洞了。
【AOSP項目】
AOSP, 全稱Android Open Source Project(http://source.android.com/),是谷歌上司下的Android開源工程,Android的巨大成功與其開放性密切相關,而開源是其開放性的集中展現。當然,得益于代碼開源,其中的漏洞也可以很容易得到分析與驗證。
【編譯與運作】
按照官網文檔一步步來就可以了。
【2017.3.10 更新】
# 整個項目down下來有56G
counselors@f82c1f799245:~/cabin/WORKING_DIRECTORY$ du . -hs
G .
源碼下載下傳了2天不到,經常連接配接逾時而斷掉,這裡分享個自動同步直到完成的腳本。
#!/bin/bash
# filename: fetch_src.sh
# author: counsellors
i= # set counter to 0
while true # infinite loop
do
repo sync # silent curl request to site
if [ $? -eq ]
then
# curl didn't return 0 - failure
echo "download over!" $i
break # terminate loop
fi
i=$(($i+)) # increment counter
echo -en "$i \r" # display # of requests each iteration
sleep # short pause between requests
done
【AOSP支援裝置清單】
AOSP編譯之後可以在模拟器(emulator)中運作,然後挂GDB調試。做過Android開發的都知道模拟器有多慢。是以在真機下運作,是土豪的優先選擇。AOSP編譯後的檔案不能在一般的手機上跑,驅動應該不支援。
不用妄圖在小米或者HTC等裝置上運作,費力不讨好。這個時候google的親兒子-Nexus就開始發光了。AOSP明确聲明,我可以在Nexus下直接跑。對于新版本的AOSP,第三方放ROM就輸在起跑線上了。這裡是官網給出的機型清單。
| Codename | Device | Keys |
|---|---|---|
| marlin | Pixel XL | Press and hold Volume Down, then press and hold Power |
| sailfish | Pixel | Press and hold Volume Down, then press and hold Power |
| hikey | hikey | Link pins 1 - 2 and 5 - 6 of J15 |
| angler | Nexus 6P | Press and hold Volume Down, then press and hold Power |
| bullhead | Nexus 5X | Press and hold Volume Down, then press and hold Power |
| shamu | Nexus 6 | Press and hold Volume Down, then press and hold Power |
| fugu | Nexus Player | Press and hold Power |
| volantis | Nexus 9 | Press and hold Volume Down, then press and hold Power |
| hammerhead | Nexus 5 | Press and hold both Volume Up and Volume Down, then press and hold Power |
| flo | Nexus 7 | Press and hold Volume Down, then press and hold Power |
| deb | Nexus 7 3G | Press and hold Volume Down, then press and hold Power |
| manta | Nexus 10 | Press and hold both Volume Up and Volume Down, then press and hold Power |
| mako | Nexus 4 | Press and hold Volume Down, then press and hold Power |
| grouper | Nexus 7 (2012) | Press and hold Volume Down, then press and hold Power |
| tilapia | Nexus 7 3G (2012) | Press and hold Volume Down, then press and hold Power |
| phantasm | Nexus Q | Power the device, cover it with one hand after the LEDs light up and until they turn red |
| maguro | Galaxy Nexus GSM | Press and hold both Volume Up and Volume Down, then press and hold Power |
| toro | Galaxy Nexus (Verizon) | Press and hold both Volume Up and Volume Down, then press and hold Power |
| toroplus | Galaxy Nexus (Sprint) | Press and hold both Volume Up and Volume Down, then press and hold Power |
| wingray | Motorola Xoom | Press and hold Volume Down, then press and hold Power |
| crespo | Nexus S | Press and hold Volume Up, then press and hold Power |
| crespo4g | Nexus SG | Press and hold Volume Up, then press and hold Power |
【系統更新檔】
Android每月會有一次安全漏洞與更新檔的公告。這個資訊很重要,可以第一時間了解某個CVE的漏洞原理。這裡是傳送門
![與專家面對面:Android開發入門問與答[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)