Making Android's Bootable Recovery Work for You - Drew Suarez, Matasano Security
Author: Shakacon LLC
112 View
41m 16s Lenght
0 Rating
Android bootable recovery mode is a self-contained alternative boot mode that loads a tiny Linux environment onto a mobile device. While most stock devices are shipped with recoveries that fairly limited in nature, their use can be greatly extended with a little bit of effort. In this presentation, I will show you how to build your own custom recovery for your Android device. This can be used towards a number of interesting security related goals such as: penetration testing, forensics, data acquisition, bypassing security controls, modifying software, Android development and in some cases provides a direct exploitation route into a device. Using a variety of commonly available tools, attendees will learn how to deconstruct and inspect a number of different boot and recovery software implementations and rapidly being compiling their own custom tools. The intent is for an attendee to understand the scope and capabilities of Android bootable firmware and learn who to rapidly develop their own custom software for a variety of different purposes. Additionally, it teaches attendees who to look for flaws in bootable firmware which help determine the security of Android devices. Security research, vulnerability testing, data acquisition and modification, bypassing security controls and platform testing are all intended goals and uses of a custom Android recovery firmware. By the end of the talk, an attendee should have acquired enough knowledge to start making useful tools for security's many needs.