Month February 2023

[AOSP] ActivityManager and ActivityManagerService

Lifecycle of ActivityManagerService Startup The lifecycle of ActivityManagerService begins with the following call in SystemServer. startBootstrapServices(){ […] traceBeginAndSlog(“StartActivityManager”); mActivityManagerService = mSystemServiceManager.startService( ActivityManagerService.Lifecycle.class).getService() } source:  : 510 Some of the core Services also where instantiated there and therefore belong to that…

StartFlag temporary DoS Exploit

Introduction The ActivityManagerService () is a component of Android that manages the Running Applications, non-system Services, ContentProviders and much more. The StartFlag DoS Exploit sends a manipulated startActivity event telling to start another Application in “native debugging” mode (in our…

Bypass AndroidManifest tag

The process below shows how to start an Activity that is not registered in the AndroidManifest.xml (). The Default Process Let’s say we have two Activities and call them Activity A and Activity B. In our scenario Activity A is…

BinderFuzzy

pentest Android Services An App intended for fuzzing the Binder interface and System Services of Android. You can use this Project in order to find bugs and exploits inside the Binder interface or System Services. Description BinderFuzzy is a fuzzer…

Reverse Engineering of the Anubis Malware - ”pandemistek” – intended for the Turkish market

1. ABSTRACT This work includes an analysis of the Anubis malware variant pandemidestek discovered on 12.06.2020. SHA256 231d970ea3195b3ba3e11e390b6def78a1c8eb5f0a8b7dccc0b4ec4aee9292ecName pandemidestek.apkVirustotal https://dosya.org/f.php?h=0G8rhXAJ&d=1GitHub In December 2016 the the article ”Android BOT from scratch” was published in which source code of a…