Overview
Explore the intricacies of sockets on Android in this 43-minute conference talk from BSides Nashville 2016. Delve into socket fundamentals, including types, domains, and system calls across different programming languages. Learn to identify and analyze various socket types such as UNIX, netlink, and AF_INET. Discover practical techniques for socket detection using tools like BusyBox and ADB Forwarding. Gain insights into Android-specific socket implementations, factory setting services, and potential security implications. Enhance your understanding of mobile security through hands-on examples and real-world applications of socket analysis on Android devices.
Syllabus
Introduction
What is a socket
Why do we care
Different programming languages
System calls
Domains
Types
Python Example
UNIX
SOCK_STREAM
netlink
Android sockets
Other use cases
Looking for sockets
BusyBox binary
BusyBox binary flags
Looking for AF_INET sockets
Printing UNIX sockets
Netlink sockets
ADB Forwarding
UNIX sockets
Recap
Tools
Who is listening
AF_NETLINK
Identifying Sockets
Android Logs
Sharp Sockets
Factory Setting Service
Netlinks
Screenshot
Conclusions
Questions