Monday 29 October 2012

Mercury v1.1 – The Android Vulnerability Assessment framework

Mercury is a free framework for bug hunters to find vulnerabilities, write proof-of-concept exploits and play in Android. It lets you perform dynamic analysis of Android applications and devices for quicker security assessments, and it gives you a place to share publicly known methods of exploitation on Android together with proof-of-concept exploits for applications and devices.
The new version is compatible with newer Android releases, including Ice Cream Sandwich and Jelly Bean, meaning you can now run Mercury on the latest and greatest hardware. This enables you to be the first to find and report previously undisclosed bugs on that newly released phone!
Mercury allows you to:
  1. Interact with the four IPC endpoints – activities, broadcast receivers, content providers and services
  2. Use a proper shell that lets you play with the underlying Linux OS from the point of view of an unprivileged application (you will be amazed at how much you can still see)
  3. Find information on installed packages, with optional search filters for better control
  4. Use built-in commands that check the attack vectors exposed by installed applications
  5. Use tools to upload and download files between the Android device and your computer without using ADB (this means it can be done over the internet as well!)
  6. Create new modules to exploit your latest finding on Android, and play with those that others have found.
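The four IPC endpoints in item 1 and the attack-vector check in item 4 boil down to one question a reviewer asks of any app: which components are reachable from other applications, and are they guarded by a permission? The following is an added example, not code from Mercury or its authors, that applies the manifest rule for this (an explicit `android:exported` wins; otherwise a component with an `<intent-filter>` is exported by default) to a constructed sample `AndroidManifest.xml`. The package name, component names and permission string are all made up for the example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
# The four IPC endpoint kinds as they appear in a manifest.
COMPONENT_TAGS = ("activity", "receiver", "provider", "service")

# Constructed sample manifest; not taken from any real application.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.demo">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <activity android:name=".InternalActivity" android:exported="false"/>
    <receiver android:name=".UpdateReceiver" android:exported="true"
              android:permission="com.example.demo.permission.UPDATE"/>
    <provider android:name=".NotesProvider"
              android:authorities="com.example.demo.notes"
              android:exported="true"/>
    <service android:name=".SyncService">
      <intent-filter>
        <action android:name="com.example.demo.SYNC"/>
      </intent-filter>
    </service>
  </application>
</manifest>
"""


def _attr(elem, name):
    """Read an attribute from the android: namespace."""
    return elem.get("{%s}%s" % (ANDROID_NS, name))


def is_exported(elem):
    """Manifest rule: an explicit android:exported value wins; without one,
    a component that declares an <intent-filter> is exported by default."""
    explicit = _attr(elem, "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    return elem.find("intent-filter") is not None


def exported_components(manifest_xml):
    """Return (kind, name, permission) for every component other apps can
    reach, i.e. the IPC attack surface the developer has to justify."""
    root = ET.fromstring(manifest_xml)
    results = []
    for tag in COMPONENT_TAGS:
        for elem in root.iter(tag):
            if is_exported(elem):
                results.append((tag, _attr(elem, "name"), _attr(elem, "permission")))
    return results


def unprotected_exports(manifest_xml):
    """Exported components with no android:permission guard. The MAIN/LAUNCHER
    activity is expected; every other entry deserves a second look."""
    return [c for c in exported_components(manifest_xml) if c[2] is None]


if __name__ == "__main__":
    for kind, name, perm in exported_components(SAMPLE_MANIFEST):
        print("%-8s %-20s permission=%s" % (kind, name, perm))
```

On the sample, `unprotected_exports` flags the launcher activity (expected), the `NotesProvider` content provider and the `SyncService` service, while `UpdateReceiver` is exported but guarded by a permission. One caveat when using this rule on real manifests: the default for content providers depends on the app's target SDK level (they were exported by default before API 17), so a provider without an explicit `android:exported` should be checked against the `targetSdkVersion` rather than assumed private.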
For those of you interested in vulnerabilities in vendor products, the new version is the start of a collection of these within the framework. The first privilege escalation has been included, allowing escalation to root from Mercury’s unprivileged context, and a module was added to check for the content provider vulnerabilities discovered on Samsung devices.

The newly introduced Reflection Interface allows the Python client to instruct the Android code which objects to create and what to do with them, so you can add new features on the fly without recompiling the Mercury APK. This gives true flexibility and a powerful framework for adding features at runtime that were never built into the APK.
