Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,732,778 Members 51,759 Now Online
XDA Developers Android and Mobile Development Forum
View Poll Results: What should I add first?
Auto-Run 19 52.78%
Better UI 17 47.22%
Widget 0 0%
Other? 0 0%
Voters: 36. You may not vote on this poll

[APP][GPL]SecDroid - Android Hardening [BETA] [Hiatus]

Tip us?
 
x942
Old
(Last edited by x942; 9th June 2013 at 04:45 AM.)
#1  
Senior Member - OP
Thanks Meter 337
Posts: 955
Join Date: Jan 2012

 
DONATE TO ME
Arrow [APP][GPL]SecDroid - Android Hardening [BETA] [Hiatus]

SecDroid V 1.1 Beta
Created by x942
Released under GPLV2


PROJECT IS ON HIATUS

New project over here

Introduction

Quote:
SecDroid hardens the android kernel by disable certain binaries that have internet access or can be used as an attack vector. Some of these are:
SSH
SSHD
Telnet
NC (net cat)
Ping
PM (Package Manager - Can't install apps via CLI/ADB)
ADBD (ADB is disabled until reboot)

And by securing the TCP Stack using Systctl (Until Next boot).
More info

Why disable ADB and PM?

Quote:
ADB and PM are both disabled to help prevent an attacker from being able to install apps via the command line or adb shell. Both of these are potential attack vectors. You can install apps via the playstore and GUI
What license is this released under?

Quote:
All code is released under GPLV2 Unless otherwise noted.

Thanks/Credits

Quote:
Many Thanks to Adam Outler for his Shell class that was used in this project (until V0.3 - See Changelog).
Many thanks to XDA-TV and XDA for their hard work!
And thanks to SANS for their Android Security whitepaper which inspired this project.
Downloads:


Please note this is my first android app. As such bugs may be present and the code may not be pretty. If anyone can help me make it look nicer and more efficient that would be great

Quote:
UPDATE 2013-05-06:
Version 1.1 Beta

* Fixed script to properly handled errors on some devices
* Fixed layout issue
* Added disable bluetooth feature (Disabled bluetoothd )
* Added enable bluetooth feautre ( Reverses above action)


My Projects:

[B]Guardian Rom - Secure Android OS




SecDroid


Guardian Project Installer

Current: Nexus 4 Guardian Rom
The Following 66 Users Say Thank You to x942 For This Useful Post: [ Click to Expand ]
 
koz
Old
#2  
Senior Member
Thanks Meter 12
Posts: 189
Join Date: Mar 2006
x942 - Thanks for letting me know this is in the works - looks really promising. With things like SSH/SSHD being disabled, will apps (like Connectbot) still work, allowing for SSH/SSHD on a per app basis?
TMO Galaxy S3
ROM:
Dandroid 5.2

(RETIRED) TMO HD2
ROM:
Android [July 24th] [Sense 3.5] Energy [NAND]
RADIO:
2.15.50.14
HSPL:
2.08

(RETIRED)TMO Wizard
IPL/SPL: 3.08
Radio: 3.02.11
ROM : Teamup Tech iPhone Killer - WM 6.5.3
Build 28205
Caffinated to:247mhz
 
Richy19
Old
#3  
Junior Member
Thanks Meter 1
Posts: 29
Join Date: Jan 2012
Does this just disable these things during the current running session?
IE after rebooting it does everything go back to normal?
If not is there a way to enable them again?
 
fluxgfx
Old
#4  
fluxgfx's Avatar
Senior Member
Thanks Meter 72
Posts: 652
Join Date: Jun 2011
Location: Ottawa

 
DONATE TO ME
I have to assume that it's a good thing if the application wasn't able to find any of the noted application to harden.
Attached Thumbnails
Click image for larger version

Name:	2013-01-11 09.08.28.jpg
Views:	4238
Size:	49.6 KB
ID:	1635824  
Phone: HTC One - Xperia Z - Galaxy Note 8 - HTC M8 - Note 3 - S5
Carrier: Bell
Running all sorts of things on my phone!
Android Coliseum @ www.androidcoliseum.com
Google+ https://plus.google.com/+MartinGuay
 
Mika83AC
Old
#5  
Mika83AC's Avatar
Senior Member
Thanks Meter 180
Posts: 367
Join Date: Apr 2012
Location: Aachen
Quote:
Originally Posted by fluxgfx View Post
I have to assume that it's a good thing if the application wasn't able to find any of the noted application to harden.
I assume it's not a good thing because the applications are missing (which is unlikely) or they are moved to a different location
Samsung Galaxy S3 16GB (GT-I9300)
Recovery:PhilZ Touch Latest - Kernel:ArchiKernel - Rom:ArchiDroid 2.5.1

Motorola Moto G 16GB (XT1032)
Recovery:Stock - Kernel:Stock - Rom:Stock 4.4.4
 
hisname
Old
#6  
hisname's Avatar
Senior Member
Thanks Meter 515
Posts: 2,484
Join Date: Jul 2012
Location: Singapore
http://www.xda-developers.com/androi...with-secdroid/

featured on Xda portal!
 

Current Devices:
Galaxy S4(GT-I9505)
Philz recovery
Ktoonsez kernel

Asus Eee Pad Slider SL101
RootBox
ClockworkMod Recovery
Stock Kernel


Past Devices:
hTc Desire S
 
PnoT
Old
#7  
Member
Thanks Meter 1
Posts: 87
Join Date: Jun 2011
So the "hardening" is only applied after running the app and upon next boot everything should be back to normal correct?
 
fluxgfx
Old
(Last edited by fluxgfx; 11th January 2013 at 04:21 PM.)
#8  
fluxgfx's Avatar
Senior Member
Thanks Meter 72
Posts: 652
Join Date: Jun 2011
Location: Ottawa

 
DONATE TO ME
Quote:
Originally Posted by Mika83AC View Post
I assume it's not a good thing because the applications are missing (which is unlikely) or they are moved to a different location
I agree with you. Although after a manual verification the application in questions aren't located on the device in any folders Internel, External or within any of the root folder.

Cheers,
Phone: HTC One - Xperia Z - Galaxy Note 8 - HTC M8 - Note 3 - S5
Carrier: Bell
Running all sorts of things on my phone!
Android Coliseum @ www.androidcoliseum.com
Google+ https://plus.google.com/+MartinGuay
 
WattB006
Old
#9  
WattB006's Avatar
Senior Member
Thanks Meter 48
Posts: 277
Join Date: Sep 2011
Location: Nebraska
Quote:
Originally Posted by fluxgfx View Post
I agree with you. Although after a manual verification the application in questions aren't located on the device in any folders Internel, External or within any of the root folder.

Cheers,
I also has the same issue when running the app and I confirmed the apps are not located on my device.
 
bushako
Old
#10  
bushako's Avatar
Senior Member
Thanks Meter 266
Posts: 1,051
Join Date: Mar 2007
Location: Dubai
First of all thank you so much for the effort to keep our devices safe. Im using Droidwall to block certain programs and would like to install SecDroid but not sure if it would conflict in any way. Could you please confirm?
Nexus 5 32GB, Mahdi Rom 2.5, Franco Kernel and FKU.

Tags
apk, gpl compliant, security, shell
THREAD CLOSED
Subscribe
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes