{"id":10310,"date":"2022-05-19T09:59:16","date_gmt":"2022-05-19T09:59:16","guid":{"rendered":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/?post_type=session&p=10310"},"modified":"2023-06-15T00:07:56","modified_gmt":"2023-06-15T00:07:56","slug":"take-a-picture-of-your-app-code-android-mri-interpreter","status":"publish","type":"session","link":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/session\/take-a-picture-of-your-app-code-android-mri-interpreter\/","title":{"rendered":"Take a Picture of Your App Code – Android MRI Interpreter"},"content":{"rendered":"

Magnetic Resonance Imaging (MRI), a medical device, allows tomographic imaging of human organs and measurement of blood flow. Using these features, modern doctors can easily detect diseases without having to perform open surgery as in the past.<\/p>\n

If it were possible to perform tomography on the app\u2019s code through a simple procedure, such as taking a picture like an MRI without invasion the app\u2019s process, and trace the flow of data used within the code, it would be an effective way to find vulnerabilities. This paper proposes a new OS (interpreter, runtime, kernel) that performs MRI functions based on Android 12.<\/strong><\/p>\n

In this new Interpreter, the Android app takes a picture of the dalvik instruction and register value at runtime when the target (data or function) is used, generating a Control Flow Graph (CFG) that traces the target\u2019s forward and backward execution, providing an effective environment for analyzing the app and finding vulnerabilities.\u00a0Furthermore, I\u00a0will explain the vulnerabilities discovered in mobile apps using the developed OS.<\/strong><\/p>\n

Three functions were developed based on the Android Open Source Project (AOSP) in order to analyze and find vulnerabilities of apps in the Android 12 environment.<\/p>\n