fufluns icon indicating copy to clipboard operation
fufluns copied to clipboard
verified publisher icon wargio

TODO List

Open wargio opened this issue 6 years ago • 2 comments

Android

  • [ ] Check APK Signature
    • rizin can open META-INF/CERT.RSA and print the pkcs7 data from pFp
  • [ ] Check Certificates and validity, bad hashes, etc..
  • [ ] Detect trackers
  • [x] App is debuggable example
  • [ ] Exported example issue - Partial
  • [ ] Test all android security best practies link

iOS

  • [x] Weak rand function
  • [ ] Sandbox Behavior (like successfully use fork() because calls to fork() are disallowed on a stock iOS device).
  • [x] TrustKit pinning.

wargio avatar Dec 30 '19 11:12 wargio

Any way to detect this kind of malware?

An example of APK trojan that seem to be available at Google Play for a while. Idk what way does Google check published apps.

nartes avatar Mar 02 '20 19:03 nartes

i guess it is possible to add r2yara and add rules regarding malwares on the bins

wargio avatar Mar 03 '20 10:03 wargio