Research and Implementation of Detection and Exploitation Methods for Android System Vulnerabilities
[Abstract]: The Android operating system is widely used because it is open source. However, flaws in the system allow malicious actors to exploit system vulnerabilities to elevate their applications' privileges and to collect or disclose user information illegally, without the user's knowledge. Incidents in which an attacker takes full control of a user's device even occur from time to time. For example, spam phone calls and text messages caused by information leaks disrupt people's normal lives, and telecom fraud causes loss of property. The security of the Android operating system has therefore received great attention. Studying the detection and exploitation of Android system vulnerabilities is of great significance, both for its commercial value and for the protection of personal information and property. By analyzing the security mechanisms of the Android application layer, this paper summarizes secure development and testing methods for Android applications, and studies the security mechanisms and vulnerability mitigation mechanisms of the Android system. It summarizes the vulnerability exploitation methods for Android versions 4.1.2 through 6.0.1 and writes the corresponding exploit code. In addition, to address the lack of application software for Android system vulnerability detection on the current market, two vulnerability detection methods are proposed: a detection method based on vulnerability characteristics, and a binary vulnerability detection method based on vulnerability number. Based on these two methods, a vulnerability detection tool, VTS, is designed and implemented. VTS effectively addresses the low efficiency, heavy workload and poor stability of verifying the existence of vulnerabilities with traditional PoCs and other scripting methods.
Testing the exploit code on 19 device models with system versions between 4.1.2 and 6.0.1 shows that CVE-2014-7911, CVE-2014-4322, CVE-2015-3636 and CVE-2015-1805 can be used to root all of the models. However, when only a single exploit is used for privilege escalation testing, the hard-coded values in the exploit code mean that a large amount of adaptation is needed to achieve good results. In addition, 93 vulnerability checks were added to the vulnerability detection tool VTS and tested on several device models from Google and from domestic manufacturers. The test results show that VTS detects quickly and runs stably and smoothly. The error rate of the detection results can be kept within 10% by making specific code modifications. The tool meets domestic manufacturers' need to check the vulnerability status of their released systems regularly, and users' need to understand the security of their own devices.
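[Degree-granting institution]: Xi'an University of Science and Technology
[Degree level]: Master's
[Year degree granted]: 2017
[Classification number]: TP316; TP309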