Android Repackaging Attack Lab

Overview

The repackaging attack is a very common type of attack on Android devices. In such an attack, attackers take a popular app downloaded from app markets, reverse engineer it, add malicious payloads, and then upload the modified app to app markets. Users are easily fooled, because it is hard to notice the difference between the modified app and the original. Once a modified app is installed, the malicious code inside can conduct attacks, usually in the background. For example, in March 2011, the DroidDream Trojan was found to have been embedded in more than 50 apps in the official Android market and to have infected many users. The DroidDream Trojan exploits vulnerabilities in Android to gain root access on the device.

The learning objective of this lab is for students to gain first-hand experience with the Android repackaging attack, so that they better understand this particular risk associated with Android systems and are more cautious when downloading apps to their devices, especially from untrusted third-party markets. In this lab, students will be asked to conduct a simple repackaging attack on a selected app and to demonstrate the attack only on our provided Android VM. Students should be warned not to submit their repackaged apps to any market, or they will face legal consequences. Nor should they run the attack on their own Android devices, as that may cause real damage.

Tasks (PDF)

  • VM version: This lab has been tested on our pre-built SEEDUbuntu-16.04 VM
  • Note: This lab needs to use the SEEDUbuntu-16.04 VM and the Android7.1 VMs (can be downloaded from here)

Time (Suggested)

  • Supervised (closely-guided lab session): 2 hours
  • Unsupervised (take-home project): 1 week

Files Needed

  • MaliciousCode.smali: this smali code deletes all the contacts on the phone if triggered.
  • MaliciousCode_Location.zip: this zip file contains smali code that can track the victim's location.
  • You can use some existing apps for this lab; if you don't want to do that, we have created a simple app (RepackagingLab.apk) that you can use.

Feedback and Help

Please give us your feedback on this lab using this feedback form.
The SEED Labs project is open source. If you are interested in contributing to this project, please check out our GitHub page: https://github.com/seed-labs/seed-labs.