PTS2021

Hook as you want it
2021-07-05, 15:20–15:55 (Europe/Paris), Zoom room

In the context of my work, it is often required to audit the solution as an entire entity. Today, the main gateway used to connect a device to a web server, for example, is our dear smartphone. It has become an important vector of attack, for our phones themselves as well as for the devices with which it will interconnect.
Several open source projects exist, each with their own particularities, but today, I haven't found any tool that fully suits me. So I started to develop ASThook (https://madsquirrels.gitlab.io/mobile/asthook/index.html), a tool for static and dynamic analysis of Android application designed to link static analysis to dynamic analysis.
Its second goal is the possibility for the community to add features without requiring high programming skills or a deep understanding of the tool.
For instance, the community will be able to add plugins using the automatic APK generation features for POC, tree traversal or Frida hook addition directly in the application without risking to slow down the analysis.
As my job is mainly focused on auditing physical equipment, I sometimes meet more and more regularly embedded systems running on Android. I have therefore implemented the possibility to adapt the tool to run the analysis on more exotic platforms such as car headunits or microsystems.

Passionate about how systems work since my childhood and with an initial education in computer science, I gradually moved to the security of these systems and the electronic part of these equipments.Today, I work as a Cybersecurity Engineer in software and hardware reverse engineering at Digital Sécurity, where my daily work consists in disassembling equipments sent by our clients, then inspecting all their attack surfaces (hardware, radio, software, cloud). Then, we help our clients to find the best way to protect their systems and their equipments.

In this work, the part that seems to me the most interesting is the automation/instrumentation/hijacking part. It is fascinating to see how much it is possible to hijack a piece of equipment from its original purpose. This is even more impressive when we talk about physical equipment which has an impact on its environment.