September 27-28, 2013
Trivandrum, India

 International Cyber Security and Policing Conference

ARM Android Xploitation Primer

Smart-phones, tablets and portable gadgets have become a must-have for everyone for personal as well as official use. As people have started utilizing these devices to frequently access the Internet, read important documents, carry out financial transactions and so on and so forth, the bad guys have realized the shift and have started to focus on exploiting these platforms for their gains. There has been a lot of advancement in mobile malware and exploitation research.

These devices are computers running various operating systems on ARM processors with hardware for telephony, wifi etc.

ARM Android Xploitation Primer takes up one of the finest operating system used for these devices I.e. Android as the ARM based platform for the training and takes a deep dive into ARM assembly, Android Native development components, buffer overflows and shellcoding. The training introduces the attendees to the ARM Android platform including the intrinsic technical details and security issues using a balanced proportion of theory and extensive hands-on and exercises. It provides a base for the attendees to develop security research expertise on the ARM based platforms beyond the conventional Android application security testing skills.

Course Content
  • Introduction to Android
  • What is Android?
  • The architecture
  • Getting the Android source
  • Setting up the environment
  • Android Native Dev primer
  • ADB
  • NDK
  • Compiling C code
  • Assembly code
  • Execution
  • Debugging
  • Android ARM Assembly primer
  • ARM overview
  • Processor Modes
  • Registers
  • Instruction set
  • Stack implementation
  • System call convention
  • Procedure call convention
  • Exercises
  • ARM Shellcoding Primer
  • Introduction
  • System interaction
  • Relative addressing
  • Four byte Hell!
  • Null byte Hell!
  • ARM THUMB and the finger
  • Exercises
  • Indroid - Code Injection
  • Introduction
  • Borrowing from Windows
  • Linux Ptrace
  • Library Injection
  • Indroid
  • Memory Allocation and Execution
  • Threadification
  • Payload
  • The API
  • Putting it all together i.e. DIY injection
  • ARM buffer overflow primer
  • Buffer overflow 101
  • The ARM/Linux stack
  • Stack overflow
  • Controlling the flow of execution
  • Ret2Libc
  • Exercises

Speaker Details

Aseem Jakhar
is the Director, research at Payatu Technologies Pvt Ltd a boutique security testing company. He has extensive experience in system programming, security research, consulting and managing security software development projects. He has worked on various security software including IBM ISS Proventia UTM appliance, Mirapoint messaging/security appliance, anti-spam engine, anti-virus software, multicast packet reflector, Transparent HTTPS proxy with captive portal, bayesian spam filter to name a few. He is an active speaker at security and open source conferences; some of the conferences he has spoken at include AusCERT, Defcon,, Blackhat, Xcon, Cyber security summit, Cocon, OSI Days, Clubhack, Gnunify. His research includes Linux remote thread injection, automated web application detection and dynamic web filter. He is the author of open source Linux thread injection kit - Jugaad and Indroid which demonstrate a stealthy malware infection technique. He is well known in the hacking and security community as the founder of null - The open security community, registered not-for-profit organization , the largest security community in India and the founder of nullcon security conference

1 day (8 hrs)

Participants Requirements
  • Bring your own laptop
  • 15+ GB free hard disk space
  • 2+ GB RAM
  • VirtualBox installed on the system

  • Basic Linux knowledge
  • Programming, assembly knowledge will be a plus although not specifically required
  • Passion to learn new security stuff

Who should attend?
  • Information security professionals
  • Security researchers and penetration testers
  • Anyone with interest in Android security
  • Android developers/QA
What to Expect
  • Interactive hands-on training session
  • Code analysis, trial and errors
  • Getting familiar with the Android platform
What not to Expect
Becoming an ARM or Android hacker overnight. Use the knowledge gained and research further to master the platform. This training acts as a base to quickly kick start your research into ARM/Android security.

Home   |    Venue  |    Speakers  |   Agenda  |   Workshops  |   Contact

© Information Security Day. All Rights Reserved.