Drozer Android Security Testing Tool To Launch At Black Hat Arsenal

An Android security testing tool is one of many channel friendly applications being launched at the the Black Hat Conference in Las Vegas on August 1.

Growing public awareness of the insecurity of mobiles could create a massive opportunity for resellers, security specialists have predicted, as companies seek ways to lock down their code, their devices and their data.

Android healer

In April this year, Arxan Technologies revealed that 95 percent of the source code of mobile applications can be hijacked, at the launch of its Mobile Application Integrity Protection product. In August, UK MWR InfoSecurity will use Black Hat Arsenal as the launchpad for its Android security testing tool Drozer, which resellers can use to secure their clients’ assets and infrastructures.

Drozer is a fully open source update to the company’s Mercury tool which will allow service providers to analyse applications running on Android devices dynamically. The tool can compromise Android devices through publicly available exploits and allow the service provider to demonstrate how exposed their clients are, enabling them to bill for remediating the vulnerabilities.  The system will be shipped with “payloads that transcend your average reverse shell”, MWR promised, hailing the framework as the first of its breed for Android.

These features are designed to help an organisation understand how a technical vulnerability on a mobile device can become a real threat to their business, according to Daniel Bradberry, head of security tools development at MWR.

When client’s appreciate how exposed they are, they won’t begrudge the money they pay to their service provider, he argued. The service name-change from Mercury is justified by the extra functionality, he said.

“We added a number of aspects to Drozer that weren’t included in Mercury, but the major new feature consists of a means of getting the application onto an Android device remotely. Traditionally, it had to be downloaded from the marketplace or installed using the developer features,” said Bradberry.

Until now remote Android exploits have been an unreliable diaspora [scattered popuation] but Drozer has unified them into a single framework, said Tyrone Erasmus, senior security consultant at MWR InfoSecurity. “This improves the quality of the exploitation code and payloads available to the penetration tester,” he said.

Performing a full security assessment of an organisation’s IT network will be a massive opportunity in the age of the smartphone and the Bring Your Own Device corporate strategy, said Erasmus.