Session:Droid Hacking for the Innocent
|Description||A gentle hands-on introduction to hacking Android apps to see what data they transmit. Bring a laptop, (20) rooted 'phones are provided, as is a virtual machine with all the software you'll need on a very snazzy flash-drive for you to keep and treasure.|
|Language||en - English |
en - English
|Subtitle||Session Two: Without the Fail|
|Starts at||2015/08/16 14:30|
|Ends at||2015/08/16 17:30|
This workshop is one of the research outputs of the "Our Data Ourselves" project at the Department of Digital Humanities at King's College London. We tracked the network usage of apps on the smartphones of a number of young coders from Young Rewired State. Some of the apps' behaviour was so surprising we disassembled them to find out what they were up to.
It proved so easy, that we collected all the tools we used in a virtual machine image and invited a Celebrity Guest Hacker to show people how it's done. Attendees who'd never touched the shell before came away having mastered Wireshark. What are your favourite apps saying about you? Come and find out, we have 20 rooted Android 'phones to play with. The virtual machine will be distributed on a highly exclusive "Our Data, Ourselves" flash-drive, which you can keep after the session.
- We Apologise For The Inconvenience **
Thank you for your patience and enthusiasm. It seems that most of the flashdrives were b0rked. We shall reconvene tomorrow at the same time and place and try again. Please come if you attended today.
Thank you to the kind soul from Neurovillage (Paul) who has already hosted the image on an FTP site: ftp://184.108.40.206/droid-hacking-vm/
You can now grab the image at http://tbf.me/a/BVqVDo courtesy of @TransferBigFile. You can also email me at firstname.lastname@example.org, if it doesn't work. I'll check my mail as frequently as I can. I've sent the image to two people so far.
What to do when you get the image:
1) Download VirtualBox and the Extension Pack: https://www.virtualbox.org/wiki/Downloads
2) Install the Extension Pack: https://www.virtualbox.org/manual/ch01.html#intro-installing
3) Start VirtualBox. Load the image with "Import Appliance". Start the image.
4) Login to the VM with username "odo" and password "ddk".
5) Start a screen session in the VM by typing "screen".
6) Start the docker daemon: "sudo docker -d" (password "ddk")
7) Start a new screen window. ctrl-a and then press c.
8) Start the docker container: sudo ./DroidDestructionKit/runcontainer.sh
9) Visit http://localhost:8080 in your browser. Go and play.
Ironically, we only used VirtualBox because most of the attendees at the first session King's had Mac and Windows boxes, where Docker is a pain to use. Internally, the VM is a Docker container, I'll try and upload it to DockerHub, check back shortly.
If you want to use Docker instead: (you poor fools...)
1) Make sure you have Git and Docker.
2) Get the dockerfile: git clone https://github.com/kingsBSD/DroidDestructionKit.git
3) Build the image: sudo docker build -t ddk DroidDestructionKit/
4) Allow plenty of time for that, preferably with ethernet. Your box will be on Planet Thrash.
5) Run the container: sudo docker run -i -t -p 6080:6080 -p 8080:80 --privileged -v /dev/bus/usb:/dev/bus/usb ddk
6) Go to http://localhost:8080 in your browser. Play.
7) If you've got a 32-bit machine, I put a 32-bit docker binary in the GitHub repo. Start it with "sudo docker -d"
If you can't wait, here I am talking about our project at last year's EMF event: https://www.youtube.com/watch?v=rIJqr6XCMdY
Thanks Again for your patience, See You Sunday,