Wednesday 20 May 2015
0 comments
17:20:00

Android Anti-Root Detection Proof of Concept (POC)


Android Anti-Root Detection Proof of Concept (POC)

rd

rd is a proof-of-concept of sandboxing apps that performs root detection.

Root detection is the cargo-cult of Android security. Everyone does it, nobody knows why.

How does it work?

By using ptrace to call dlopen on the remote process. The loaded library has a constructor that replaces the code of access with its own.

If you look at the Android source code, File.exists calls access. If an app tries to check the presence of su, We simply have to emulate its absence.

LICENSE

It is released under the WTFPL, so you are free to show that root detection is useless.

Download

0 comments:

Post a Comment

Note: only a member of this blog may post a comment.

 
Toggle Footer
Top