Android系统漏洞检测和利用方法的研究与实现

发布时间：2018-08-06 17:24

【摘要】：Android操作系统因其开源特性而受到广泛应用,但由于系统存在漏洞,不法分子利用系统漏洞提升自身应用权限,在用户完全不知情的情况下非法采集或泄露用户信息,甚至完全控制用户设备的事件时有发生。例如信息泄露导致的垃圾电话和短信让人们的正常生活饱受骚扰,电信诈骗造成的财产损失等。因此,Android操作系统的安全问题受到高度重视,研究Android系统漏洞的检测和利用方法,无论是在商业价值还是在保护个人信息和财产方面,都具有重大意义。本文通过对Android应用层安全机制进行分析,总结出Android应用的安全开发测试方法;在研究Android系统层面安全机制和漏洞缓冲机制的基础上,总结出Android 4.1.2-6.0.1版本间可用的漏洞提权利用的方法,编写了漏洞利用代码;另外,针对目前市场上Android系统漏洞检测应用软件的缺乏,提出了基于漏洞自身特性的漏洞检测方法和基于漏洞编号的二进制漏洞检测方法这两种漏洞检测方法,基于这两种方法设计并实现了一种漏洞检测工具一一VTS。VTS有效解决了使用传统PoC和其他脚本方式进行漏洞存在性验证时效率低、工作量大、稳定性差的问题。通过对系统版本在4.1.2-6.0.1之间的19款机型使用漏洞利用代码进行root提权测试,发现 CVE-2014-7911CVE-2014-4322、CVE-2015-3636、CVE-2015-1805 这几个漏洞利用代码的组合使用可以root所有机型。而仅使用单个漏洞利用代码进行提权测试时,由于漏洞利用代码中存在硬编码,需要做大量机型适配工作才能取得比较好的效果。另外对漏洞检测工具VTS添加了 93个漏洞检测代码,并在Google官方和国内厂商的几款机型上进行了测试。测试结果显示VTS检测速度快,运行稳定流畅。通过对具体机型做针对性代码修改,检测结果的错误率可以控制在10%以内。满足了国内厂商定期对所发布系统进行漏洞补丁级别检测以及用户熟悉自身设备安全性的要求。
[Abstract]:Android operating system is widely used because of its open source characteristics. However, because of the loopholes in the system, the illegal molecules use system vulnerabilities to improve their own application rights, illegally collect or disclose user information under the full unknowable situation of the users, even completely control the event of user equipment. For example, the garbage caused by information leakage. Telephone and text messages make people's normal life harassed and the property loss caused by telecommunications fraud. Therefore, the security of the Android operating system is highly valued. It is of great significance to study the detection and use of Android system vulnerabilities, both in commercial value and in the protection of personal information and property. After analyzing the security mechanism of Android application layer, this paper summarizes the security development test method of Android application. On the basis of studying the security mechanism and the vulnerability buffer mechanism of the Android system level, it summarizes the method of using the vulnerability extraction of the Android 4.1.2-6.0.1 version, and writes the loophole utilization code; in addition, it aims at the current market. In the lack of Android system vulnerability detection software, two vulnerability detection methods based on vulnerability detection and vulnerability number based binary vulnerability detection are proposed. Based on these two methods, a vulnerability detection tool, one VTS.VTS, is designed and implemented to effectively solve the use of traditional PoC and others. The scripting method has the problem of low efficiency, large workload and poor stability in the existence of vulnerability verification. Through the use of loopholes in the system version between the 19 types of 4.1.2-6.0.1 models to carry out root lifting test, it is found that CVE-2014-7911CVE-2014-4322, CVE-2015-3636, and CVE-2015-1805 are used in combination of the code. Root all models. While using only a single vulnerability to use code for weight testing, a large number of model adaptions are required to achieve better results due to hard coding in the vulnerability code. In addition, 93 vulnerability detection codes are added to the vulnerability detection tool, VTS, and several models of the Google official and domestic manufacturers. The test results show that the VTS detection speed is fast and the operation is stable and smooth. The error rate of the test results can be controlled within 10% through the specific code modification to the specific model. It meets the requirements of the domestic manufacturers to detect the vulnerability patch level of the published system regularly and to familiarize the users with the security of their own devices.
【学位授予单位】：西安科技大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP316;TP309

【参考文献】