The End of the world as we know it - AKA your last NullPointerException $1B bugs!
Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2...
Transcript of Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2...
![Page 1: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/1.jpg)
The Team
Marta Catillo
Antonio Farina
Luigi Martire
Supervisor
Prof. Aaron Visaggio
Team Leader
Dott. Ing. Antonio Pirozzi
https://github.com/lmartire/DoApp
![Page 2: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/2.jpg)
Android Environment
Activity
Receiver Serviceintent
explicit implicit
![Page 3: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/3.jpg)
Why (?)
• It’s possibile to start an Android Component with malicious intentions?• Yes, with Intent Spoofing.
• When an app registers to receive implicit system intents from the Android OS, it is also registered to receive any explicit intents.
• Impact: Un-authentic launching of vulnerable activities, accessing logins, card credentials, etc. and theft of data
![Page 4: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/4.jpg)
Android Environment
Activity
Receiver Serviceintent
explicit implicit
![Page 5: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/5.jpg)
Android Environment
Activity
Receiver Serviceintent
ExplicitMALINTENT
implicit
![Page 6: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/6.jpg)
State of the Art (1)Intent
Fuzzer
BIFUZ
- Only null Intent- No Report- No data field analysis
- Only Activities- Only Mimetype- No Report- No user-friendly
- Only Receivers- No Report
- No Android App- No user-friendly - Only System App
- Stagefright specialized
![Page 7: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/7.jpg)
State of the Art (2)Android
App
External
Tool
Tested Android Components Tested Fields Test Type System
Libraries
tested
UI
eventsReport
Activity Service Receiver Action MimeType URI Null Random Semivalid
DoApp X X X X X X X X X X X
DroidFuzzer X X X X
Fuzzinozer X X X X X X X X
Bifuz X X X X X X X
American
Fuzzy LopX - - - - - - - - - X X
Intent Fuzzer
(ISEC)X X X X X
Monkey X X X X X
Dynodroid X X X X X
GUIRipper X X X X X
Orbit X X X X X
SwiftHand X X X X X
PUMA X X X X X
EvoDroid X X X X X
ACTEve X X X X
![Page 8: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/8.jpg)
DoApp’s objective
WHAT• Android Application• Automatic tool• User-friendly• Deep test• Report
WHO• Developers
• Testers
• Researchers
• PentestersHOW
• Every component
• Every Action
• Every Data Field
• Null, random, semivalid test
WHY• Test Intent
Vulnerabilities• Intent spoofing• DOS Attack• Data leakage
![Page 9: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/9.jpg)
DoApp Design (1)
![Page 10: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/10.jpg)
DoApp Design (2)
MalIntentGenerator
SemivalidGeneratorRandomGeneratorNullGenerator
![Page 11: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/11.jpg)
DoApp Design – Info Gathering (1)activity1
intent-filter
ACTION_WEB_SEARCH
intent-filter
datamimetype = image/png
datamimetype = image/jpeg
action VIEW
action EDIT
datascheme = https
datascheme = http
datamimetype = text/plain
IntentDataInfo
activity1
intent-filter
datamimetype = image/png
IntentDataInfo
activity1
intent-filter
datascheme = http…
references
refe
ren
ces
![Page 12: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/12.jpg)
DoApp Design – Info Gathering (2)Data Field of Manifest
URIMimeType
Text/plain All other
![Page 13: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/13.jpg)
DoApp Design – Test Case Generation (1)
mimeType = "text/plain"
mimeType : all the other ones
NULL input without setting data type
NULL input setting data type
Random text (EXTRA_TEXT) setting data type
NULL input without setting data type
NULL input setting data type
Random URI (EXTRA_STREAM) setting data type
Semivalid URI (EXTRA_STREAM) setting data type
![Page 14: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/14.jpg)
DoApp Design – Test Case Generation (2)
http
https
unisannio.it
ding.unisannio.it
demm.unisannio.it
random MalIntents
![Page 15: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/15.jpg)
DoApp Design – FuzzerServicefuzzerService{
cleanLogCat();
foreach(MalIntent in malintents){sendMalIntent();parseLogCat();searchExceptions();
if(exception found){storeException();storeMalIntent();
}
killApp();}
}
![Page 16: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/16.jpg)
Operational Conditions
![Page 17: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/17.jpg)
ResultsAPPNAME VERSION Exception Types
Microsoft Onedrive 4.9 NullPointerException
Whatsapp 2.17.32 NullPointerException
Adobe - Acrobat Reader 17.90 NullPointerException
Dropbox 32.2.4 NullPointerException
IndexOutOfBoundsException
Shazam 6.7.0 NullPointerException
Twitter 6.31.0 NullPointerException
Microsoft Outlook 2.1.138 NullPointerException
Dubsmash 2.21.2 NullPointerException
Tinder 6.7.2 NullPointerException
RuntimeException
Badoo 4.59.0 NullPointerException
Pinterest 6.7.0 IllegalArgumentException
The Fork 8.5.1 NullPointerException
Box 4.3.615 NullPointerException
vk 4.7.2 ArrayIndexOutOfBoundsException
Wire private messenger 2.26.309 NullPointerException
SoundCloud 2017.01.24 NullPointerException
IllegalStateExceptipon
Asus Task 2.15.0.20 NullPointerException
Microsoft Word 16.0.7766.4775 NullPointerException
Microsoft Office Lens 16.0.7820.3002 NullPointerException
Microsoft Powerpoint 16.07.7766.4272 NullPointerException
Microsoft Excel 16.0.7766.5022 NullPointerException
Asus File Manager 2.0.0.355 NullPointerException
Signal - private messenger 3.28.1 NullPointerException
Expedia 8.0.1 NullPointerException
![Page 18: Presentazione standard di PowerPoint · Dubsmash 2.21.2 NullPointerException Tinder 6.7.2 NullPointerException RuntimeException Badoo 4.59.0 NullPointerException Pinterest 6.7.0 IllegalArgumentException](https://reader033.fdocuments.in/reader033/viewer/2022042015/5e73e9fb92b368686c0c6404/html5/thumbnails/18.jpg)
Conclusions
Exceptions type:
• NullPointerException
• IndexOutOfBound
• IllegalStateException
Future Development
• make it user-friendly
• improve stability
• usage for pentest
• data leakage