Automatic POC generation of Android app vulnerability
Mobile applications have played a huge part in our daily lives, providing convenience for the application users. However, these applications also brought significant risks to the users through the exploitation of various vulnerabilities. This report proposes a tool, AndroidXploit, that detects if...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
Nanyang Technological University
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/149039 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | Mobile applications have played a huge part in our daily lives, providing convenience for the
application users. However, these applications also brought significant risks to the users
through the exploitation of various vulnerabilities.
This report proposes a tool, AndroidXploit, that detects if certain vulnerabilities are present by
reading the source code of the application. If such vulnerabilities are present, AndroidXploit will
then automatically exploit these vulnerabilities. The source code is reversed engineered using
Apktool, and the vulnerabilities are exploited using tools such as Android Debug Bridge and
John the Ripper.
AndroidXploit is tested on several popular applications and have successfully exploited some of
the vulnerabilities present in these applications. |
|---|