Android Vulnerability-Hide Android malicious code in image

Researchers have found another serious security vulnerability on Android: hiding Android malicious code in a picture (hide Android applications in Images).

Google has released patches before the vulnerability is disclosed to outsiders. However, there are still a large number of Android phone users who do not choose to upgrade.

Malicious program researcher Axelle Apvrille and reverse engineer Ange Albertin developed a custom tool angecryption (Python script) to encrypt the malicious program apk file (Android application Package), so that the malicious apk looks like a valid PNG image file (other image formats are also available), they then create another apk file that can decrypt and install the encrypted image file.

Angecrypt makes a malicious package look like a normal picture

Malicious programs because of the encryption, so antivirus and security tools can not detect. In the test, their legitimate wallpaper app pops up a permission request when trying to install a malicious app.

The researchers claim that you can prevent the permission request window from appearing by using Dexclassloader.

Related Knowledge Point Introduction

In cryptography, the block cipher's working mode allows the use of the same block cipher key to encrypt more than one piece of data and ensure its security. The block cipher itself only encrypts a single block of data that is equal to the length of the cipher block, and to encrypt the variable length data, the data must first be divided into separate cipher blocks. In general, the last piece of data also needs to extend the data to a length that fits the cipher block size using the appropriate padding method. A working mode describes the process of encrypting each block of data and often uses additional input values based on a commonly called initialization vector (iv,initialization vector) for randomization to ensure security.

　　The initialization vector (iv,initialization vector) is a piece of data that is used to randomize encryption in many operating modes, so that different ciphertext can be generated by the same plaintext, the same key, without having to regenerate the key, avoiding the usually rather complex process.

　　Cipher block link (Cbc,cipher-block chaining) mode. In CBC mode, each plaintext block is first XOR with the previous cipher block and then encrypted. In this approach, each cipher block relies on all the plaintext blocks in front of it. Also, in order to guarantee the uniqueness of each message, an initialization vector is used in the first block.

　　

If the subscript for the first block is 1, the CBC mode encryption process is

CI=Ek ( pi ⊕ Ci−1) , c0 =i V

And the decryption process is

PI=Dk ( ci ) ⊕ ci−1, c0 =i V

Without a little trick, we can't encrypt a given file into a picture file. How does the angecryption work?

The format of a PNG file is as follows:

PNG file format

We want to get a PNG file, the file format must include the following sections:

The file header . PNG begins with a fixed 8-byte ' signature ' identity:0x89 png 0x0d 0x0a 0x1a 0xa. To identify a valid PNG file, this 8 byte must be correct.

Garbage block : We insert the code here and the tool ignores it and identifies the file as a picture.

Each data block consists of 4 parts, as follows:

Name	Number of bytes	Description
Length (Long)	4 bytes	Specifies the length of the data field in the data block, which is not longer than (231-1) bytes
Chunk Type code (data block type code)	4 bytes	Block type codes are made up of ASCII letters (A-Z and A-Z) We use a false type to make the tool ignore this block of data.
Chunk data (block data)	Variable length	Stores data specified according to chunk Type code
CRC (cyclic redundancy detection)	4 bytes	Storage of cyclic redundancy codes to detect errors

header chunk: It contains basic information about the image data stored in the PNG file and is to appear in the PNG data stream as the first block of data, and only one file header block in a PNG data stream. IHDR However, the Fact Sheet recognition tool does not impose strict restrictions on this.

image data Block Idat: It stores the actual data, which can contain multiple sequential sequential image blocks in the data flow. Idat stores the real data information of the image, so if you can understand the structure of the idat, we can easily generate PNG images.

Image End Data iend (Image trailer chunk): It is used to mark a PNG file or the data stream has ended and must be placed at the end of the file.

In order to get a file like this, we need to do this:

(1) Select a suitable IV. We want our first cipher block C1 to be equal to the PNG file's "header (8 bytes) + Block Length (4 bytes) + Block type code (4 bytes)", which happens to be the same size as the AES block (16 bytes long). Also, we know that P0 is the first chunk of the input file (hidden file), and we know the value of K. So, we can choose IV in the following way:

In other words, to select the appropriate IV, you must obtain the first block of encryption we need. Note that in real cases, IV is randomly selected.

(2) A modified input file is generated and some data is appended to the end of the file, which is the decrypted "CRC32 test code + target image File Block + END block". Why did you do it? Because when we encrypt these decrypted data we can get the original data, that is to say, if we encrypt the decrypted image data block, we get the original image data block.

Note that the angecryption is independent of AES,CBC and PNG. It simply requires:

• The first cipher block is controllable;
• The source file format can tolerate additional data;
• The data size of the file header and data block matches the block size.

Angecryption Tools: http://corkami.googlecode.com/svn/trunk/src/angecryption/angecrypt.py

How to use:python angecrypt.py inputfile targetimage modifiedinput key Algorithm

• Inputfile: Files to encrypt
• Targetimage: Encrypted target format, such as PDF, PNG, JPG, FLV, etc.
• Modifiedinput: Input file modified by angecrypt.py
• Key: Encrypt key
• Algorithm: Current is AES128-CBC or 3DES-EDE2-CBC, no padding.

There is also a hidden code to the principle of the picture in the article "a picture of the technology to hide your program code" is introduced.

Related information: https://www.blackhat.com/docs/eu-14/materials/eu-14-Apvrille-Hide-Android-Applications-In-Images.pdf

Android Vulnerability-Hide Android malicious code in image