Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
View Poll Results: What should I add first?
Auto-Run 19 52.78%
Better UI 17 47.22%
Widget 0 0%
Other? 0 0%
Voters: 36. You may not vote on this poll

Thread Closed

[APP][GPL]SecDroid - Android Hardening [BETA] [Hiatus]

OP x942

x942
7th January 2013, 12:33 AM   |  #1  
Guest
Thanks Meter: 0
 
n/a posts
SecDroid V 1.1 Beta
Created by x942
Released under GPLV2


PROJECT IS ON HIATUS

New project over here

Introduction

Quote:

SecDroid hardens the android kernel by disable certain binaries that have internet access or can be used as an attack vector. Some of these are:
SSH
SSHD
Telnet
NC (net cat)
Ping
PM (Package Manager - Can't install apps via CLI/ADB)
ADBD (ADB is disabled until reboot)

And by securing the TCP Stack using Systctl (Until Next boot).

More info

Why disable ADB and PM?

Quote:

ADB and PM are both disabled to help prevent an attacker from being able to install apps via the command line or adb shell. Both of these are potential attack vectors. You can install apps via the playstore and GUI

What license is this released under?

Quote:

All code is released under GPLV2 Unless otherwise noted.


Thanks/Credits

Quote:

Many Thanks to Adam Outler for his Shell class that was used in this project (until V0.3 - See Changelog).
Many thanks to XDA-TV and XDA for their hard work!
And thanks to SANS for their Android Security whitepaper which inspired this project.

Downloads:


Please note this is my first android app. As such bugs may be present and the code may not be pretty. If anyone can help me make it look nicer and more efficient that would be great

Quote:

UPDATE 2013-05-06:
Version 1.1 Beta

* Fixed script to properly handled errors on some devices
* Fixed layout issue
* Added disable bluetooth feature (Disabled bluetoothd )
* Added enable bluetooth feautre ( Reverses above action)

Last edited by x942; 9th June 2013 at 05:45 AM.
The Following 66 Users Say Thank You to For This Useful Post: [ View ]
10th January 2013, 01:29 AM   |  #2  
Senior Member
Thanks Meter: 12
 
192 posts
Join Date:Joined: Mar 2006
x942 - Thanks for letting me know this is in the works - looks really promising. With things like SSH/SSHD being disabled, will apps (like Connectbot) still work, allowing for SSH/SSHD on a per app basis?
11th January 2013, 02:17 PM   |  #3  
Junior Member
Thanks Meter: 1
 
29 posts
Join Date:Joined: Jan 2012
More
Does this just disable these things during the current running session?
IE after rebooting it does everything go back to normal?
If not is there a way to enable them again?
11th January 2013, 03:10 PM   |  #4  
fluxgfx's Avatar
Senior Member
Flag Ottawa
Thanks Meter: 77
 
694 posts
Join Date:Joined: Jun 2011
Donate to Me
More
I have to assume that it's a good thing if the application wasn't able to find any of the noted application to harden.
Attached Thumbnails
Click image for larger version

Name:	2013-01-11 09.08.28.jpg
Views:	4484
Size:	49.6 KB
ID:	1635824  
11th January 2013, 03:29 PM   |  #5  
Mika83AC's Avatar
Senior Member
Flag Aachen
Thanks Meter: 207
 
438 posts
Join Date:Joined: Apr 2012
More
Quote:
Originally Posted by fluxgfx

I have to assume that it's a good thing if the application wasn't able to find any of the noted application to harden.

I assume it's not a good thing because the applications are missing (which is unlikely) or they are moved to a different location
11th January 2013, 04:09 PM   |  #6  
hisname's Avatar
Senior Member
Flag Singapore
Thanks Meter: 520
 
2,493 posts
Join Date:Joined: Jul 2012
More
http://www.xda-developers.com/androi...with-secdroid/

featured on Xda portal!
11th January 2013, 05:05 PM   |  #7  
Member
Thanks Meter: 1
 
87 posts
Join Date:Joined: Jun 2011
So the "hardening" is only applied after running the app and upon next boot everything should be back to normal correct?
11th January 2013, 05:08 PM   |  #8  
fluxgfx's Avatar
Senior Member
Flag Ottawa
Thanks Meter: 77
 
694 posts
Join Date:Joined: Jun 2011
Donate to Me
More
Quote:
Originally Posted by Mika83AC

I assume it's not a good thing because the applications are missing (which is unlikely) or they are moved to a different location

I agree with you. Although after a manual verification the application in questions aren't located on the device in any folders Internel, External or within any of the root folder.

Cheers,
Last edited by fluxgfx; 11th January 2013 at 05:21 PM.
11th January 2013, 07:11 PM   |  #9  
WattB006's Avatar
Senior Member
Flag Nebraska
Thanks Meter: 51
 
278 posts
Join Date:Joined: Sep 2011
More
Quote:
Originally Posted by fluxgfx

I agree with you. Although after a manual verification the application in questions aren't located on the device in any folders Internel, External or within any of the root folder.

Cheers,

I also has the same issue when running the app and I confirmed the apps are not located on my device.
11th January 2013, 09:44 PM   |  #10  
bushako's Avatar
Senior Member
Flag Dubai
Thanks Meter: 285
 
1,127 posts
Join Date:Joined: Mar 2007
More
Question
First of all thank you so much for the effort to keep our devices safe. Im using Droidwall to block certain programs and would like to install SecDroid but not sure if it would conflict in any way. Could you please confirm?

Thread Closed Subscribe to Thread

Tags
apk, gpl compliant, security, shell
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes