I have spent many years developing security products, but my vulnerability analysis and research stopped at the level I had when I graduated from university. I plan to pick it up again and get something going. This is just the beginning, so there isn't much here yet; it all has to be accumulated bit by bit.
- App vulnerabilities
- Android kernel vulnerabilities
I won't say much about App vulnerabilities here.
AOSP, short for Android Open Source Project (http://source.android.com/), is the Android open-source project led by Google. Android's enormous success is closely tied to its openness, and open source is the most concentrated expression of that openness. Naturally, because the code is open, the vulnerabilities in it can also be analyzed and verified quite easily.
Just follow the official documentation step by step. [Updated 2017-03-10]
The whole project comes to 56G once downloaded:

```shell
# The whole project is 56G once downloaded
counselors@f82c1f799245:~/cabin/WORKING_DIRECTORY$ du . -hs
56G .
```

The source download took just under 2 days; the connection kept timing out and dropping, so here is a script that automatically resyncs until the download completes.
```shell
#!/bin/bash
# filename: fetch_src.sh
# author: counsellors
i=0                       # retry counter, starts at 0
while true                # loop until repo sync succeeds
do
    repo sync             # sync the AOSP source tree
    if [ $? -eq 0 ]
    then                  # repo sync returned 0, i.e. success
        echo "download over!" $i
        break             # terminate loop
    fi
    i=$(($i+1))           # increment the retry counter
    echo -en "$i \r"      # display the number of retries so far
    sleep 1               # short pause between retries
done
```

Once AOSP is built it can be run in the emulator, with GDB attached for debugging. Anyone who has done Android development knows how slow the emulator is, so running on a real device is the preferred choice if you can afford one. The AOSP build output cannot run on ordinary phones; the drivers are presumably not supported. Don't waste your time trying to run it on Xiaomi or HTC devices; it is a thankless effort. This is where Google's own child, the Nexus, shines: AOSP explicitly states that it can run directly on Nexus devices. For new AOSP versions, third-party ROMs lose at the starting line. Here is the device list given on the official site.
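A sturdier variant of the resync loop, added here as an example and not the post's own script: it bounds the number of attempts, backs off between retries instead of sleeping a fixed second, and wraps any command, so the same `retry_until_ok` helper can be tested offline with a constructed flaky command. The `repo sync -c -j4` invocation in `sync_aosp` and the 50-attempt / 5-second limits are assumptions, not values from the post.

```shell
#!/bin/bash
# Bounded-retry wrapper for a flaky command such as "repo sync".
# Usage: retry_until_ok MAX_ATTEMPTS BASE_DELAY_SECONDS COMMAND [ARGS...]
# Returns 0 as soon as COMMAND succeeds, 1 once MAX_ATTEMPTS is exhausted.
retry_until_ok() {
    max_attempts=$1
    base_delay=$2
    shift 2
    attempt=1
    delay=$base_delay
    while [ "$attempt" -le "$max_attempts" ]; do
        if "$@"; then
            echo "succeeded on attempt $attempt"
            return 0
        fi
        echo "attempt $attempt failed, retrying in ${delay}s"
        sleep "$delay"
        # exponential backoff between retries, capped at 60 seconds
        delay=$((delay * 2))
        if [ "$delay" -gt 60 ]; then
            delay=60
        fi
        attempt=$((attempt + 1))
    done
    echo "giving up after $max_attempts attempts"
    return 1
}

# Sync the AOSP tree in the current working directory (assumed invocation):
# -c fetches only the current branch, which trims the 56G download, and
# -j4 runs four fetch jobs in parallel. Call sync_aosp from the checkout.
sync_aosp() {
    retry_until_ok 50 5 repo sync -c -j4
}
```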
| Codename | Device | Keys |
|---|---|---|
| marlin | Pixel XL | Press and hold Volume Down, then press and hold Power |
| sailfish | Pixel | Press and hold Volume Down, then press and hold Power |
| hikey | hikey | Link pins 1 - 2 and 5 - 6 of J15 |
| angler | Nexus 6P | Press and hold Volume Down, then press and hold Power |
| bullhead | Nexus 5X | Press and hold Volume Down, then press and hold Power |
| shamu | Nexus 6 | Press and hold Volume Down, then press and hold Power |
| fugu | Nexus Player | Press and hold Power |
| volantis | Nexus 9 | Press and hold Volume Down, then press and hold Power |
| hammerhead | Nexus 5 | Press and hold both Volume Up and Volume Down, then press and hold Power |
| flo | Nexus 7 | Press and hold Volume Down, then press and hold Power |
| deb | Nexus 7 3G | Press and hold Volume Down, then press and hold Power |
| manta | Nexus 10 | Press and hold both Volume Up and Volume Down, then press and hold Power |
| mako | Nexus 4 | Press and hold Volume Down, then press and hold Power |
| grouper | Nexus 7 (2012) | Press and hold Volume Down, then press and hold Power |
| tilapia | Nexus 7 3G (2012) | Press and hold Volume Down, then press and hold Power |
| phantasm | Nexus Q | Power the device, cover it with one hand after the LEDs light up and until they turn red |
| maguro | Galaxy Nexus GSM | Press and hold both Volume Up and Volume Down, then press and hold Power |
| toro | Galaxy Nexus (Verizon) | Press and hold both Volume Up and Volume Down, then press and hold Power |
| toroplus | Galaxy Nexus (Sprint) | Press and hold both Volume Up and Volume Down, then press and hold Power |
| wingray | Motorola Xoom | Press and hold Volume Down, then press and hold Power |
| crespo | Nexus S | Press and hold Volume Up, then press and hold Power |
| crespo4g | Nexus S 4G | Press and hold Volume Up, then press and hold Power |

Android publishes a security bulletin of vulnerabilities and patches once a month. This information is very important: it lets you learn how a given CVE works at the earliest opportunity. Here is the link.