android_hax:
d: having some fun with a phone i got @walmart :p
Intro
I've been working through a couple of No Starch books as of late: Practical IoT Hacking by Fotios Chantzis, Ioannis Stais, Paulino Calderon, Evangelos Deirmentzoglou and Beau Woods, and Attacking Network Protocols by James Forshaw. Both are really amazing resources, and I highly recommend them. One of my favorite things about all No Starch books is how project-based and hands-on they are. I got to the point where I wanted to make up my own projects, and not just follow along with the ones in the books; that's when I had the idea to do a series on Android hacking that would encompass everything I had been reading about.

One of the things I had also been looking for was a project that involved a physical device. Books like Practical IoT Hacking lower the barrier to entry by not making physical IoT devices a prerequisite to learning, and I think that's really great (not to mention important!). However, I wanted to make something for myself that involved hacking something I could hold in my hands, but also something that was affordable and easily accessible to most people (in this case in the U.S.). I had a Motorola E lying around, and so I had the idea: just get a cheap Android phone from Walmart, and use it as an open-source mechanism for learning protocol hacking, reverse engineering, and much more! Because of the open-ended nature of this prompt, I can't be totally sure how many parts this is going to be, but I've gotten far enough along in this project to know the contents of the first couple of parts. So without further ado: let's get started!
What Phone Should I Get?
As mentioned, I wanted this to be a relatively inexpensive project series. Before each part I'll say what kind of phones will work for the project, but as a general rule of thumb I'll mention the following:
1. All of these phones will be Android devices.
2. This has all been tested using Ubuntu 20.04.
3. The one phone that will (should) work for all of these is the Motorola G, which is one of the less expensive phones you can get from Walmart (about $80 at the time of writing), but still not the least expensive, which was the Nokia C100 (about $40 at the time of writing). I ended up tinkering with both of these devices, and will likely do a whole series on the Nokia C100, which has a MediaTek MT6761 Helio A22 and could potentially be rootable via mtkclient.
Okay.
Let's actually get started now :]
takeaways
idk. I just thought to add these as I go along. I feel like there are some fundamental lessons that I forget I've learned, and how much I depend on them. So as I go along I'm just going to keep a running list of these "lessons" as motivational reminders of realizations I had or remembered throughout the project.
1. There's a tool for that. This is to say that more than likely someone has come up against the same problem we have, so when we feel stuck, we can remember that the chances are high someone has already made a tool to automate what we're trying to do. All we have to do is know how to describe what that may be, and in the cases when we can't find a tool, that's even better! Because now we've been presented with an opportunity to make something that will be handy for us and the community! :]
2. Google it. An opcode Wireshark doesn't recognize? Google it. A weird manufacturer you don't know? Google it. A UUID? Google it. Truly. Just. Google. It. Most of the documentation I've found has been by typing things like "vendor command 0xfd57" into Google, and bada bing, bada boom: we've got a list of a bunch of Android-specific commands!