View Poll Results: What should I add first?

Auto-Run: 19 Vote(s), 52.78%
Better UI: 17 Vote(s), 47.22%
Widget: 0 Vote(s), 0%
Other?: 0 Vote(s), 0%

[APP][GPL]SecDroid - Android Hardening [BETA] [Hiatus]

By x942, Guest on 6th January 2013, 11:33 PM
SecDroid V 1.1 Beta
Created by x942
Released under GPLV2


PROJECT IS ON HIATUS

New project over here

Introduction

Quote:

SecDroid hardens the Android kernel by disabling certain binaries that have internet access or can be used as an attack vector. Some of these are:
SSH
SSHD
Telnet
NC (net cat)
Ping
PM (Package Manager - Can't install apps via CLI/ADB)
ADBD (ADB is disabled until reboot)

And by securing the TCP stack using sysctl (until next boot).

More info

Why disable ADB and PM?

Quote:

ADB and PM are both disabled to help prevent an attacker from being able to install apps via the command line or adb shell. Both of these are potential attack vectors. You can install apps via the Play Store and GUI.

What license is this released under?

Quote:

All code is released under GPLV2 Unless otherwise noted.


Thanks/Credits

Quote:

Many Thanks to Adam Outler for his Shell class that was used in this project (until V0.3 - See Changelog).
Many thanks to XDA-TV and XDA for their hard work!
And thanks to SANS for their Android Security whitepaper which inspired this project.

Downloads:


Please note this is my first Android app. As such, bugs may be present and the code may not be pretty. If anyone can help me make it look nicer and more efficient, that would be great.

Quote:

UPDATE 2013-05-06:
Version 1.1 Beta

* Fixed script to properly handle errors on some devices
* Fixed layout issue
* Added disable Bluetooth feature (disables bluetoothd)
* Added enable Bluetooth feature (reverses above action)

Last edited by x942; 9th June 2013 at 04:45 AM.
10th January 2013, 12:29 AM |#2  
x942 - Thanks for letting me know this is in the works - looks really promising. With things like SSH/SSHD being disabled, will apps (like Connectbot) still work, allowing for SSH/SSHD on a per app basis?
11th January 2013, 01:17 PM |#3  
Does this just disable these things during the current running session?
I.e., after rebooting, does everything go back to normal?
If not, is there a way to enable them again?
11th January 2013, 02:10 PM |#4  
fluxgfx
I have to assume that it's a good thing if the application wasn't able to find any of the noted applications to harden.
11th January 2013, 02:29 PM |#5  
Mika83AC
Quote:
Originally Posted by fluxgfx

I have to assume that it's a good thing if the application wasn't able to find any of the noted applications to harden.

I assume it's not a good thing, because the applications are missing (which is unlikely) or they are moved to a different location.
11th January 2013, 03:09 PM |#6  
hisname
http://www.xda-developers.com/androi...with-secdroid/

featured on Xda portal!
11th January 2013, 04:05 PM |#7  
So the "hardening" is only applied after running the app, and upon next boot everything should be back to normal, correct?
11th January 2013, 04:08 PM |#8  
fluxgfx
Quote:
Originally Posted by Mika83AC

I assume it's not a good thing, because the applications are missing (which is unlikely) or they are moved to a different location.

I agree with you. Although after a manual verification, the applications in question aren't located on the device in any folder, internal, external, or within any of the root folders.

Cheers,
Last edited by fluxgfx; 11th January 2013 at 04:21 PM.
11th January 2013, 06:11 PM |#9  
WattB006
Quote:
Originally Posted by fluxgfx

I agree with you. Although after a manual verification, the applications in question aren't located on the device in any folder, internal, external, or within any of the root folders.

Cheers,

I also had the same issue when running the app, and I confirmed the apps are not located on my device.
11th January 2013, 08:44 PM |#10  
bushako
Question
First of all, thank you so much for the effort to keep our devices safe. I'm using Droidwall to block certain programs and would like to install SecDroid, but I'm not sure if it would conflict in any way. Could you please confirm?
x942
12th January 2013, 03:40 AM |#11  
Quote:
Originally Posted by koz

x942 - Thanks for letting me know this is in the works - looks really promising. With things like SSH/SSHD being disabled, will apps (like Connectbot) still work, allowing for SSH/SSHD on a per app basis?

Sadly no. The apps are disabled by removing their permissions to execute (chmod 000). This means no one can run them. I suppose I could have it set to only allow Connectbot to run it based on UID or something. But something like Droidwall or AFWall+ is better suited for that. I am planning to add in a switch for each item. So you could, for example, leave ssh enabled but disable everything else.

Quote:
Originally Posted by Richy19

Does this just disable these things during the current running session?
I.e., after rebooting, does everything go back to normal?
If not, is there a way to enable them again?

Yes, at this time everything is reset on reboot. I am looking into having it auto-run every boot.

Quote:
Originally Posted by fluxgfx

I have to assume that it's a good thing if the application wasn't able to find any of the noted applications to harden.

Correct. I have tested on CM9/10/10.1 and AOKP; on both of these, if it can't find anything then they aren't present in the system. Stock ROMs may be different. All AOSP should be the same though.

Quote:
Originally Posted by hisname

http://www.xda-developers.com/androi...with-secdroid/

featured on Xda portal!

Nice! xD That is awesome!

Quote:
Originally Posted by PnoT

So the "hardening" is only applied after running the app, and upon next boot everything should be back to normal, correct?

Yes. Everything is reset upon reboot. I will add an auto-run version shortly.

Quote:
Originally Posted by bushako

First of all, thank you so much for the effort to keep our devices safe. I'm using Droidwall to block certain programs and would like to install SecDroid, but I'm not sure if it would conflict in any way. Could you please confirm?

No problem. I have no issues with Droidwall or AFWall+. SecDroid doesn't touch iptables, so everything should be fine.
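An added example, not part of the thread and not SecDroid's own code: a shell audit for the approach x942 describes (binaries disabled with chmod 000) that also reports the "nothing found" case discussed in posts #4 to #9. The binary names come from the first post; the search directories `system/bin`, `system/xbin` and `sbin` and the function name `audit_binaries` are assumptions.

```shell
#!/bin/sh
# Added example: report the state of the binaries SecDroid is said to disable.
# Names come from the thread's first post.
SECDROID_BINARIES="ssh sshd telnet nc ping pm adbd"
# Assumption: usual Android binary directories, relative to the audited root.
SEARCH_DIRS="system/bin system/xbin sbin"

# audit_binaries ROOT  ->  one line per hit: "<name> <state> <path>"
#   missing     not found in any search directory (path shown as "-")
#   disabled    present with mode 000, which is what chmod 000 leaves behind
#   executable  present with an execute bit still set (not hardened)
#   present     present without execute bits, but not mode 000
audit_binaries() {
    root=${1%/}                      # "/" becomes "", so paths stay absolute
    for name in $SECDROID_BINARIES; do
        found=0
        for dir in $SEARCH_DIRS; do
            path="$root/$dir/$name"
            [ -e "$path" ] || continue
            found=1
            # -L: judge the link target, since these are often symlinks
            perms=$(ls -ldL "$path" | cut -c2-10)
            case $perms in
                ---------) state=disabled ;;
                *[xst]*)   state=executable ;;
                *)         state=present ;;
            esac
            printf '%s %s %s\n' "$name" "$state" "$path"
        done
        [ "$found" -eq 1 ] || printf '%s missing -\n' "$name"
    done
}

# Run against a root given on the command line, e.g. "/" in a device shell.
if [ $# -gt 0 ]; then
    audit_binaries "$1"
fi
```

Because the thread says everything is reset on reboot, running the audit after a reboot shows which binaries are back to `executable`.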

Tags
apk, gpl compliant, security, shell