Bypassing Hardened Android Applications

Recently, we performed an Android application penetration test on an application available on the Play Store. The app had good security in place to prevent it from being opened and executed on a rooted device. In this blog post, Sanjay from NotSoSecure describes how he got around each check in order to conduct API/dynamic testing on an Android application.


This is a tale of circumventing all checks to record the activity of an Android application on a rooted smartphone. It took us 16 hours to crack, and here we’ll tell you the story of how we did it.


  • The First 8 Hours: Root Detection Check in Native Java code

  • The Next 2 Hours: Emulator Check

  • The Next 1 Hour: Frida Running Check

  • The Next 2 Hours: Root Detection Check in React Native "index.android.bundle" file

  • The Final 3 Hours: SSL Pinning Bypass

  The First 8 Hours: Root Detection Check in Native Java code


    It all started with a black screen and a custom error message reading "Device Security" when the app was loaded on an emulator. The application worked fine on a non-rooted mobile device, but only as long as no proxy was configured on the device. Keeping this information in mind, we proceeded to test the APK in our emulator.


    When we installed the application from the Play Store on an emulator, it showed us the following screen.



    To identify the function responsible for showing this error message, we usually use string backtracking. To do that, we first had to extract the application APK from the device and decompile it using apktool.jar.



    We searched for the "Device Security" string and found 2 occurrences of ..
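String backtracking as described above, as an added example that is not code from the original post: it goes one step beyond a plain text search by following a UI string through an apktool-decoded tree from `res/values/strings.xml` to its resource ID in `public.xml` and on to the smali lines that load it, and it also catches the string embedded as a literal. The sample tree, package name, resource name and IDs are constructed for illustration.

```python
import re
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Constructed stand-in for apktool output; package, names and IDs are made up.
SAMPLE_TREE = {
    "res/values/strings.xml": '<resources><string name="sec_title">Device Security</string></resources>',
    "res/values/public.xml": '<resources><public type="string" name="sec_title" id="0x7f0e0021" /></resources>',
    "smali/com/example/app/Guard.smali": ".method show()V\n    const v0, 0x7f0e0021\n    const v1, 0x7f0e0022\n.end method\n",
    "smali_classes2/com/example/app/Checks.smali": '.method check()V\n    const-string v2, "Device Security"\n.end method\n',
}

def write_tree(base, files=SAMPLE_TREE):
    for rel, text in files.items():
        path = Path(base, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(text)
    return base

def backtrack_string(decoded_dir, needle):
    """Return (file, line, kind) for each smali site that loads `needle`."""
    root = Path(decoded_dir)
    # Step 1: string resources whose text contains the needle.
    names = {el.get("name")
             for f in root.glob("res/values*/strings.xml")
             for el in ET.parse(f).getroot().iter("string")
             if needle in (el.text or "")}
    # Step 2: resource name -> numeric ID that the compiled code refers to.
    ids = {}
    for pub in root.glob("res/values/public.xml"):
        for el in ET.parse(pub).getroot().iter("public"):
            if el.get("type") == "string" and el.get("name") in names:
                ids[int(el.get("id"), 16)] = el.get("name")
    # Step 3: smali sites that embed the literal or load one of those IDs.
    hits = []
    for smali in sorted(root.glob("smali*/**/*.smali")):
        rel = smali.relative_to(root).as_posix()
        for no, line in enumerate(smali.read_text(errors="replace").splitlines(), 1):
            lit = re.search(r'const-string(?:/jumbo)? [vp]\d+, "(.*)"', line)
            rid = re.search(r'\bconst [vp]\d+, (0x[0-9a-fA-F]+)', line)
            if lit and needle in lit.group(1):
                hits.append((rel, no, "literal"))
            elif rid and int(rid.group(1), 16) in ids:
                hits.append((rel, no, "resource:" + ids[int(rid.group(1), 16)]))
    return hits

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(backtrack_string(write_tree(tmp), "Device Security"))
```

Each hit names the smali file and line to start reading from; a hit of kind `resource:` means the message is loaded by ID, which a search of the code for the text alone would miss.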
