| With the rapid development of Internet,the application of smart phone is also becoming more and more popular.The Android system has been approved by users for its open source features,but the application has been altered by reverse tampering is also a huge problem for users.In order to prevent attacks,it is necessary to find the vulnerabilities of the system as much as possible before the attacker,and to take preventive measures in time.Then,the penetration test came into being.However,most traditional penetration testing used in corporate networks,and large network equipment,rarely implemented on mobile clients,but with the development of traditional mobile Internet,mobile smart devices network security issues more and more frequently,therefore,The security of mobile intelligent terminals is also increasingly urgent.Based on the background,this article will analyze the Android kernel,the security mechanism,the vulnerability discovery,then bring up the technology and method of the security vulnerability of the Android application,and use the appropriate tools.The main job of this paper is as follows:Firstly,analyzing the architecture of the Android system and security mechanism,through comparing penetration testing scheme and technology at home and abroad research,combining with the system,the mobile Internet environment and the characteristics of the mobile intelligent terminals,design a new kind of penetration testing experiment scheme.Secondly,in the design of experiment,through building the Android virtual platform,established a stable test environment,through mobile intelligent terminal of related technical indicators show the effect of penetration testing.Finally,by using the OpenVAS penetration testing tools to detect vulnerabilities in the Android system,and to analyze the vulnerabilities,then suggest a solution;Use the reverse tool APKTool to decompile the application software and find source code defects. |
PDF Full Text Request