In addition to Java/Kotlin, Android lets application developers write parts of their code natively, in C or C++. Those functions can be called from the Dalvik side through an interface called JNI. At build time, the native code is compiled into one or several shared libraries, which are embedded in the application's APK file.
Without the source code, finding software vulnerabilities in native code is a difficult and tedious task. Fortunately, fuzzing can be of great help, especially when bugs need to be uncovered effectively in a short time. However, when it comes to assessing code in such a specific environment, open-source projects may turn out not to be well suited: they are too generic and cannot be used out of the box. As a result, we need to build our own adapted solution that suits our needs.
This internship consists of enhancing the native fuzzer for closed-source Android applications we have developed at Quarkslab in order to find vulnerabilities in targets you will wisely choose with the help of the team.
You will have to experiment, weigh up the pros and cons of the different options we have, and figure out the best approach for efficiently finding vulnerabilities in JNI libraries. You will also need to wisely pick out some targets to run the fuzzer on in order to carry out the testing stage.
Pick out an open-source library that parses buffers (e.g. image rendering) and can be compiled with the Android NDK.
Write a harness function for fuzzing a piece of code you find interesting using libFuzzer, compile it and run it on an Android emulator or a physical device.
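As an added illustration of the harness step above (example code, not part of the internship posting or Quarkslab's fuzzer): a minimal libFuzzer harness in C for a constructed toy image-header parser, with a bounds check so that the pixel loop stays inside the fuzzer-provided buffer. The build flags in the comment are assumed NDK clang flags, not taken from the posting.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed toy format used only for this example: "IMG1" magic, then a
 * little-endian u16 width and u16 height, then width*height pixel bytes. */
typedef struct {
    uint16_t width, height;
    size_t pixel_count;
    const uint8_t *pixels;
} image_t;

/* Returns 0 on success and -1 on malformed input. The size check is what keeps
 * the pixel loop below from reading past the end of the fuzzer-provided buffer. */
int parse_image(const uint8_t *data, size_t size, image_t *out) {
    if (size < 8 || memcmp(data, "IMG1", 4) != 0) return -1;
    uint16_t w = (uint16_t)(data[4] | (data[5] << 8));
    uint16_t h = (uint16_t)(data[6] | (data[7] << 8));
    size_t needed = (size_t)w * (size_t)h;   /* fits in size_t on 32- and 64-bit */
    if (size - 8 < needed) return -1;        /* truncated pixel payload */
    out->width = w;
    out->height = h;
    out->pixel_count = needed;
    out->pixels = data + 8;
    return 0;
}

/* libFuzzer entry point, called once per mutated input. Assumed build: the NDK
 * toolchain's clang with --target=aarch64-linux-android30 -fsanitize=fuzzer,address,
 * then push the binary to an emulator or device and run it there. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    image_t img;
    if (parse_image(data, size, &img) != 0) return 0;  /* rejected input: keep fuzzing */
    /* Touch every pixel so that an out-of-bounds read would be caught by ASan. */
    uint32_t sum = 0;
    for (size_t i = 0; i < img.pixel_count; i++) sum += img.pixels[i];
    (void)sum;
    return 0;
}

/* Sanity check with a constructed 2x2 image and a truncated variant (seed corpus material).
 * Returns 1 when the parser and harness behave as expected, 0 otherwise. */
int self_test(void) {
    static const uint8_t good[] = {'I','M','G','1', 2,0, 2,0, 10,20,30,40};
    image_t img;
    if (parse_image(good, sizeof good, &img) != 0 || img.pixel_count != 4) return 0;
    if (parse_image(good, sizeof good - 1, &img) != -1) return 0;   /* one pixel short */
    if (LLVMFuzzerTestOneInput(good, sizeof good) != 0) return 0;
    return 1;
}
```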
Answer these questions:
More info here: https://blog.quarkslab.com/internship-offers-for-the-2021-2022-season.html#fuzzing-native-code-in-android-applications