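【Preface】
I have spent many years developing security products, while my vulnerability analysis and research has stayed where it was when I graduated from university. I plan to pick it up again and get something done. I am only just starting, so there is not much here yet; it all has to be built up bit by bit.
【Directions in Android vulnerability analysis】
–App vulnerabilities
–Android kernel vulnerabilities
I will not go into App vulnerabilities here.
【The AOSP project】
AOSP, in full the Android Open Source Project (http://source.android.com/), is the Android open-source project led by Google. Android's enormous success is closely tied to its openness, and open source is the most concentrated expression of that openness. Of course, because the code is open, the vulnerabilities in it are also easy to analyze and verify.
【Building and running】
Just follow the official documentation step by step.
【Update 2017.3.10】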
```
# The whole project comes to 56G once downloaded
counselors@f82c1f799245:~/cabin/WORKING_DIRECTORY$ du . -hs
56G	.
```
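Downloading the source took a little under 2 days, and the connection often timed out and dropped. Here is a script that keeps syncing automatically until the download completes.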
```bash
#!/bin/bash
# filename: fetch_src.sh
# author: counsellors
i=0                       # retry counter, starts at 0
while true                # loop until repo sync succeeds
do
    repo sync             # sync the AOSP tree; resumes where it stopped
    if [ $? -eq 0 ]
    then
        # repo sync returned 0 - success
        echo "download over!" "$i"
        break             # terminate loop
    fi
    i=$((i+1))            # increment counter
    echo -en "$i \r"      # display the number of failed attempts so far
    sleep 1               # short pause before retrying (the interval is missing from the page; 1 second is an assumption)
done
```
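【Devices supported by AOSP】
After building, AOSP can run in the emulator, with GDB attached for debugging. Anyone who has done Android development knows how slow the emulator is, so running on a real device is the first choice for those with money to spend. The files built from AOSP cannot run on an ordinary phone; the drivers are probably not supported.
Do not bother trying to run it on Xiaomi, HTC or similar devices; it is a lot of effort for little return. This is where Google's own child, the Nexus, starts to shine. AOSP explicitly states that it can run directly on Nexus devices. For new AOSP versions, third-party ROMs lose at the starting line. Here is the device list given on the official site.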
Codename | Device | Keys |
---|---|---|
marlin | Pixel XL | Press and hold Volume Down, then press and hold Power |
sailfish | Pixel | Press and hold Volume Down, then press and hold Power |
hikey | hikey | Link pins 1 - 2 and 5 - 6 of J15 |
angler | Nexus 6P | Press and hold Volume Down, then press and hold Power |
bullhead | Nexus 5X | Press and hold Volume Down, then press and hold Power |
shamu | Nexus 6 | Press and hold Volume Down, then press and hold Power |
fugu | Nexus Player | Press and hold Power |
volantis | Nexus 9 | Press and hold Volume Down, then press and hold Power |
hammerhead | Nexus 5 | Press and hold both Volume Up and Volume Down, then press and hold Power |
flo | Nexus 7 | Press and hold Volume Down, then press and hold Power |
deb | Nexus 7 3G | Press and hold Volume Down, then press and hold Power |
manta | Nexus 10 | Press and hold both Volume Up and Volume Down, then press and hold Power |
mako | Nexus 4 | Press and hold Volume Down, then press and hold Power |
grouper | Nexus 7 (2012) | Press and hold Volume Down, then press and hold Power |
tilapia | Nexus 7 3G (2012) | Press and hold Volume Down, then press and hold Power |
phantasm | Nexus Q | Power the device, cover it with one hand after the LEDs light up and until they turn red |
maguro | Galaxy Nexus GSM | Press and hold both Volume Up and Volume Down, then press and hold Power |
toro | Galaxy Nexus (Verizon) | Press and hold both Volume Up and Volume Down, then press and hold Power |
toroplus | Galaxy Nexus (Sprint) | Press and hold both Volume Up and Volume Down, then press and hold Power |
wingray | Motorola Xoom | Press and hold Volume Down, then press and hold Power |
crespo | Nexus S | Press and hold Volume Up, then press and hold Power |
crespo4g | Nexus S 4G | Press and hold Volume Up, then press and hold Power |
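【System patches】
Android publishes a bulletin of security vulnerabilities and patches once a month. This information is important: it lets you learn how the vulnerability behind a given CVE works as soon as it is published. Here is the link.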