๐’ƒ๐’†๐’‚๐’–๐’•๐’š ๐’Š๐’๐’•๐’†๐’๐’๐’Š๐’ˆ๐’†๐’๐’•

Security Study/Reversing

Mobile Application Reverse Engineering: MARA

๐“›๐“พ๐“ฌ๐“ฎ๐“ฝ๐“ฎ_๐“ข๐“ฝ๐“ฎ๐“ต๐“ต๐“ช 2016. 12. 16.
728x90
๋ฐ˜์‘ํ˜•



Mobile Application Reverse engineering and Analysis Framework

    MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering tools, in order to make the task or reverse engineering and analysis easier and friendly to mobile application developers and security professionals.

 

Features supported

APK Reverse Engineering
  • Disassembling Dalvik bytecode to smali bytecode via baksmali and apktool
  • Disassembling Dalvik bytecode to java bytecode via enjarify
  • Decompiling APK to Java source code via jadx

 

APK Deobfuscation

 

APK Analysis
  • Parsing smali files for analysis via smalisca
  • Dump apk assets,libraries and resources
  • Extracting certificate data via openssl
  • Extract strings and app permissions via aapt
  • Identify methods and classes via ClassyShark
  • Scan for apk vulnerabilities via androbugs
  • Analyze apk for potential malicious behaviour via androwarn
  • Identify compilers, packers and obfuscators via APKiD
  • Extract execution paths, IP addresses, URL, URI, emails via regex

 

APK Manifest Analysis
  • Extract Intents
  • Extract exported activities
  • Extract receivers
  • Extract exported receivers
  • Extract Services
  • Extract exported services
  • Check if apk is debuggable
  • Check if apk allows backups
  • Check if apk allows sending of secret codes
  • Check if apk can receive binary SMS

 

Domain Analysis

 

Security Analysis

 

Installing MARA on Linux

Installing dependencies

MARA ships with a script that assists in downloading and installing the dependencies for each of the tools and components it ships with. Simply run the setup.sh script with sudo privileges and it will install them.


1. git clone https://github.com/xtiankisutsa/MARA_Framework

2. cd MARA_Framework

3. ./setup.sh

4. ./MARA.sh





[์›๋ณธ]https://n0where.net/mobile-application-reverse-engineering-mara/



728x90
๋ฐ˜์‘ํ˜•
์ €์ž‘์žํ‘œ์‹œ

'Security Study > Reversing' ์นดํ…Œ๊ณ ๋ฆฌ์˜ ๋‹ค๋ฅธ ๊ธ€

๋ฒ”์šฉ ๋ ˆ์ง€์Šคํ„ฐ(General Register)  (0) 2015.09.08
๋ฆฌ๋ฒ„์Šค ์—”์ง€๋‹ˆ์–ด๋ง์ด๋ž€?  (0) 2015.09.03
๋ ˆ์ง€์Šคํ„ฐ๋ž€?  (0) 2015.09.03
์–ด์…ˆ๋ธ”๋ฆฌ์–ธ์–ด๋ž€?  (0) 2015.09.03

๋Œ“๊ธ€

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”