Analyzing the Android permission model using ADB_Mobile Device Exploitation Cookbook-QQ阅读女生现言网

上QQ阅读APP看书，第一时间看更新

Analyzing the Android permission model using ADB

Having set up the development environment and coded your first Android application, now it's time to understand the underlying permission model of the Android operating system. The underlying operating system is Linux; the Android operating system is built using Linux as the basis. Applications in Linux run with a specific user ID and group ID. Android uses the same Linux model to set permissions for applications; this separates and protects Android applications from each other.

Getting ready

Make sure you have ADB installed. You also need an Android emulator or an Android device to connect to ADB.

A device or emulator that has been used frequently is best for this purpose (as a newly created emulator or device may not contain much data to view using ADB). Furthermore, for learning purposes, a rooted phone is preferred.

How to do it...

Follow the steps given here for analyzing the Android permission model using ADB:

Enable USB debugging mode on your Android device and connect it via a data cable to a computer on which ADB is running. ADB is a very powerful tool and can be used to run various useful commands, which can help us with the following tasks:
- Pushing data into the phone/emulator
- Pulling data from the phone/emulator
- Obtaining a shell in the phone/emulator
- Installing and removing applications
- Navigating the filesystem
- Stealing key system files
- Stealing application-related files such as preferences and SQLite files
- Viewing device logs
Use ADB to analyze the application permissions. To do this, we will have to first obtain the shell in the device using the adb shell command and then we will have to run the ps command to find the details of the process that is running.

The following screenshot depicts this process for a phone connected to the Linux machine on which ADB was run:

How it works...

Take a while to analyze the preceding screenshot. Make a note of the first, second, and last columns which show USER, PID, and application NAME respectively. Note that each application has a unique PID and is run from a specific user. Only a few privileged processes run with the user root. Other applications run via specific users. For example, the com.android.datapass application with PID 299 runs as user app_47. Also, com.svox.pico runs with user app_28.

Each application in Android runs in its own sandbox. A sandbox is a virtual environment where the application runs within its limited context and is not allowed access to, or to be accessed from, other applications. The permissions model in Android (applications running with specific users) helps create a sandbox, thereby restricting applications within their own context and allowing no or limited interaction (as chosen by the application developer) with other applications. This also secures applications against data theft or other attacks from rogue applications and malware.

There's more...

The Android permissions model and sandbox implementation attempts to build in security by design. This has been the target of attackers and evangelists. Android sandbox bypass attacks and attacks originating from insecure code implementation are a couple of the types of attack against this security feature. Nevertheless, security by design is implemented in the Android OS itself in the form of the permissions model.