1

I'm interested in security stuff and I want to start with Android devices to test this OS. I've seen that there are many exploits for Android (the most famous is the StageFright case) and I'm also curious to start developing something like that. I know how memory works and I've got much experience in Linux exploitation techniques (both buffer and heap stuff).

Of course I've got some questions about Android basics and tools.

I' ve already downloaded the AOSP so I can read the source code without problem. So the static analysis can be done easily and I don't need something like IDA or BinaryNinja like in Linux to analyze code.

But what about dynamic analysis/debug systems? In linux I use GDB to check the heap layout or buffer status or register conditions and so on..
But how can I debug system stuff using GDB? In particular How can I LIVE debug a specific part of the AOSP code?

S.L. Barth
  • 5,486
  • 8
  • 38
  • 47
Alessio Trecani
  • 129
  • 3
  • I'm afraid that in its current form, this question is a bit broad for Stack Exchange. It seems that the underlying question is how to debug the Android OS live. Maybe you should edit the question to make it focus more specifically on that. (And it might be more appropriate for Stack Overflow. But if you want to post it there, you'll have to show what you've already tried, or it might get closed as a tool request). – S.L. Barth Mar 10 '17 at 08:57
  • This is a security board.. So I m requesting how to debug particoular part of AOSP code. How should I change it? ( I m not requesting any tool ) – Alessio Trecani Mar 10 '17 at 09:00
  • I think the main question is how to live debug a specific part of the AOSP code, for vulnerability detection/analysis. So it should focus on that. Point (3) is a resource request, I'd leave that out. Point (2) seems to elaborate on point (1), I think it's more or less the same question, but specifically for how it was done by the people who found the StageFright vulnerability. You might want to merge these points. – S.L. Barth Mar 10 '17 at 09:10
  • 1
    Edited the code, thanks for the suggestions. I hope someone will Answer. – Alessio Trecani Mar 10 '17 at 09:20
  • This seems to be covered on source.android.com: https://source.android.com/devices/tech/debug/ – user2313067 Mar 10 '17 at 15:49

0 Answers0