Subscribe

Android security testing tool unveiled

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 24 Jul 2013

An Android security testing tool, drozer, is being unveiled at Black Hat, in Las Vegas, on 1 August.

According to MWR InfoSecurity, businesses that use Android mobile devices will be able to safeguard their assets and IT infrastructure using this tool, which will run full security assessments.

Drozer facilitates 'dynamic analysis' of applications running on Android devices, and includes a feature that has the ability to compromise Android devices through publicly available exploits. In this way, companies can better understand how a technical vulnerability on a mobile device can become a real threat.

According to the company, Android developers and security researchers will now be able to exploit vulnerabilities in Android's operating system and use them to install the application on the phone remotely, such as using a malicious document to deploy the app, all without the user knowing.

"For example, security consultants employed by an organisation can use drozer in a red team exercise, where they have an open scope to attack assets belonging to a company to test its digital infrastructure and security standards. The tool will now allow them to expand the attack surface to include mobile devices as a path of entry into a company's network."

Tyrone Erasmus, senior security consultant at MWR InfoSecurity, says: "By incorporating publicly available exploits into drozer, we enable businesses to simulate attacks against mobile devices in their networks. For instance, by gaining access through a security breach in the user's mobile Web browser, we are able to install the tool on the device and use it to help them understand how their business and entire IT infrastructure could be exposed to an attacker."

Daniel Bradberry, head of security tools development at MWR InfoSecurity, said the company has also added a number of aspects to drozer that weren't included in the previous version, Mercury. He said the major new feature consists of a means of getting the application onto an Android device remotely. "Traditionally, it had to be downloaded from the marketplace or installed using the developer features."

Erasmus adds that drozer is a big step forward, as before, various remote Android exploits were scattered across the Internet and were not always reliable. "Drozer unifies these publicly available exploits into a single framework and improves the quality of the exploitation code and payloads available to the penetration tester."

He says this is particularly useful considering the bring your own device (BYOD) phenomenon, as smartphones and other Android devices can be included when performing a full security assessment of an organisation's IT network.

Share