Harvesting developer credentials in Android apps

Zhou, Yajin; Wu, Lei; Wang, Zhi; Jiang, Xuxian

doi:10.1145/2766498.2766499

Cited by 33 publications

(20 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This is due to a combination of factors: unnecessary permissions requested by app building frameworks, or developers that use similar manifests for multiple app projects; secondary functionality that is not mentioned in descriptions; and the use of 3rd party libraries. In a related study, Zhou et al [254] mined a set of 36,561 Android apps, and proposed the tool CredMiner which is focused on decompilation and program slicing. They identified over 400 apps that leaked developer user-names and passwords, required for the program to execute normally.…”

Section: Permissions and Securitymentioning

confidence: 99%

A Survey of App Store Analysis for Software Engineering

Martin

Sarro

Jia

et al. 2017

IIEEE Trans. Software Eng.

338

242

View full text Add to dashboard Cite

App Store Analysis studies information about applications obtained from app stores. App stores provide a wealth of information derived from users that would not exist had the applications been distributed via previous software deployment methods. App Store Analysis combines this non-technical information with technical information to learn trends and behaviours within these forms of software repositories. Findings from App Store Analysis have a direct and actionable impact on the software teams that develop software for app stores, and have led to techniques for requirements engineering, release planning, software design, security and testing. This survey describes and compares the areas of research that have been explored thus far, drawing out common aspects, trends and directions future research should take to address open problems and challenges.

show abstract

Section: Permissions and Securitymentioning

confidence: 99%

A Survey of App Store Analysis for Software Engineering

Martin

Sarro

Jia

et al. 2017

IIEEE Trans. Software Eng.

338

242

View full text Add to dashboard Cite

show abstract

“…However, it cannot analyze open-port parameters due to the lack of a backward-style parameter tracking engine. There are a few static tools for parameter analysis, but they cannot be applied to our problem due to limitations, such as no complete parameter representation in SAAF [51], no array handling [86], and no open port relevant API modeling [42]. We address these issues by introducing the backward slicing graph and semantic-aware constant propagation.…”

Section: Related Workmentioning

confidence: 99%

Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment

Wu¹,

Gao²,

Chang³

et al. 2019

Proceedings 2019 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Open TCP/UDP ports are traditionally used by servers to provide application services, but they are also found in many Android apps. In this paper, we present the first openport analysis pipeline, covering the discovery, diagnosis, and security assessment, to systematically understand open ports in Android apps and their threats. We design and deploy a novel ondevice crowdsourcing app and its server-side analytic engine to continuously monitor open ports in the wild. Over a period of ten months, we have collected over 40 million port monitoring records from 3,293 users in 136 countries worldwide, which allow us to observe the actual execution of open ports in 925 popular apps and 725 built-in system apps. The crowdsourcing also provides us a more accurate view of the pervasiveness of open ports in Android apps at 15.3%, much higher than the previous estimation of 6.8%. We also develop a new static diagnostic tool to reveal that 61.8% of the open-port apps are solely due to embedded SDKs, and 20.7% suffer from insecure API usages. Finally, we perform three security assessments of open ports: (i) vulnerability analysis revealing five vulnerability patterns in open ports of popular apps, e.g., Instagram, Samsung Gear, Skype, and the widely-embedded Facebook SDK, (ii) inter-device connectivity measurement in 224 cellular networks and 2,181 WiFi networks through crowdsourced network scans, and (iii) experimental demonstration of effective denial-of-service attacks against mobile open ports.

show abstract

“…The tool takes the following steps: 1) Decompilation: Given an APK file, the tool first decompiles the app using the command line version of the JADX decompilation tool. 2 A successful decompilation will provide us with a project folder that contains decompiled Java source code of the app and the resource files. Although decompilation errors are common, JADX is quite robust and produces code with a correct syntax.…”

Section: B Api Minermentioning

confidence: 99%

“…Zhou et al harvested free email and Amazon AWS cloud service credentials with their tool CredMiner from more than 36 500 apps from various Android markets [2]. In their case studies, they mention unprotected credentials within the app's source code, obfuscated credentials using a Base64 encoding, and encrypted credentials, however, in those cases the decryption key has also been found in the app's source code.…”

Section: Related Workmentioning

confidence: 99%

Web APIs in Android through the Lens of Security

Gadient

Ghafari

Tarnutzer

et al. 2020

2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER)

View full text Add to dashboard Cite

Web communication has become an indispensable characteristic of mobile apps. However, it is not clear what data the apps transmit, to whom, and what consequences such transmissions have.We analyzed the web communications found in mobile apps from the perspective of security. We first manually studied 160 Android apps to identify the commonly-used communication libraries, and to understand how they are used in these apps. We then developed a tool to statically identify web API URLs used in the apps, and restore the JSON data schemas including the type and value of each parameter.We extracted 9 714 distinct web API URLs that were used in 3 376 apps. We found that developers often use the java.net package for network communication, however, third-party libraries like OkHttp are also used in many apps. We discovered that insecure HTTP connections are seven times more prevalent in closed-source than in open-source apps, and that embedded SQL and JavaScript code is used in web communication in more than 500 different apps. This finding is devastating; it leaves billions of users and API service providers vulnerable to attack.

show abstract

Harvesting developer credentials in Android apps

Cited by 33 publications

References 28 publications

A Survey of App Store Analysis for Software Engineering

A Survey of App Store Analysis for Software Engineering

Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment

Web APIs in Android through the Lens of Security

Contact Info

Product

Resources

About