Category - Open Table Number - 45


The play store is not very well policed and a lot of applications are actively spying on their users. We want to make the play store a bit safer.

What it does

We install apks in our backend emulator farm and observe their communication with the outside world. This communication is HTTPS so we have to first hack it using a ManInTheMiddle attack. We have a webapp that lists the apks and all the links and a REST service API that communicates this to the outside wold. An android app can be installed to verify the apps safety immediately after install.

How we built it

We have 3 different components:

  1. The backend that installs APKs on emulators
  2. A JAVA webapp that creates a GUI and the rest service
  3. A native Android app that serves as a basic antivirus

The native Android app

The main purpose of the app is to listen to PACKAGE_ADDED, PACKAGE_CHANGED, PACKAGE_INSTALL, PACKAGE_REPLACED actions. When an intent with this action is received, the package name is sent to our REST API that will trigger a scan of the app (or it will return the results if already scanned). The result is presented as a notification. When the notification is tapped the activity with the results is shown.

If the app is started, in the main screen all the installed apps are presented with the scan status. A tap on one app will trigger a scan of the app (using the same process as above, by sending the package name to the REST API). When the scan response is available, then the results screen is shown (the same activity that is triggered from the notification, but this time the notification is bypassed).

To make the app, Android Studio was used, for http requests android-async-http library was used and for parsing the json results, the gson library was use.

Built With

Share this project: