BSidesLondon 20th April 2011 - Manuel
--
This talk will show you the basics of reverse engineering Android apps with the ultimate goal of re-implementing the decryption routines of the Kobo Android reader to achieve interoperability of other software with that closed interface.
--- for more about Manuel: http://sporkbomb.eu and Kobopier: http://sporkbomb.eu/kobopier/
4. Kobo
● Global eBook retailer
● “We believe consumers should be able to read any book, anytime, anywhere, and on the device of their choice”
● “We believe open standards for eBooks are best for consumers, publishers, retailers and hardware manufacturers. Closed systems stifle innovation and growth. Kobo proudly supports EPUB and encourages our users to read a Kobo-purchased eBook on their smartphone, Sony Reader, laptop, or whichever device they choose.”
9. ● I BUY books. I don't “lend them under certain terms”.
● $10 for a digital copy, and you restrict how I use it?
10. NOTICE
● I ONLY WANTED TO ACHIEVE INTEROPERABILITY WITH OTHER PROGRAMS
● THAT ARE NOT COMPETING WITH THE KOBO READER
● KOBOPIER ONLY REPRODUCES THE DECRYPTION INTERFACE
● DON'T PIRATE XOR DON'T GET CAUGHT
21. Java/smali is hard to obfuscate
● MADE to be readable
● invoke-static {p0, v1, v0}, Lcom/kobobooks/android/f/i;->a([BLjavax/crypto/Cipher;Ljavax/crypto/SecretKey;)[B
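Reading lines like the one above gets easier once the descriptor syntax is decoded mechanically. The following is an added example (not code from the talk or from Kobopier): a small parser that turns a smali invoke-* instruction and its JVM/Dalvik method descriptor into readable Java types. SAMPLE is the instruction from the slide, joined onto one line.

```python
import re
# Primitive type letters of the JVM/Dalvik descriptor format.
PRIMITIVES = {"B": "byte", "C": "char", "D": "double", "F": "float",
              "I": "int", "J": "long", "S": "short", "Z": "boolean", "V": "void"}

def parse_type(desc, pos):
    """Parse one type descriptor starting at desc[pos]; return (name, next_pos)."""
    dims = 0
    while desc[pos] == "[":          # each leading '[' adds one array dimension
        dims, pos = dims + 1, pos + 1
    c = desc[pos]
    if c in PRIMITIVES:
        name, pos = PRIMITIVES[c], pos + 1
    elif c == "L":                   # object type: Lpkg/Class; -> pkg.Class
        end = desc.index(";", pos)
        name, pos = desc[pos + 1:end].replace("/", "."), end + 1
    else:
        raise ValueError(f"bad type descriptor at {pos}: {desc!r}")
    return name + "[]" * dims, pos

def parse_method_descriptor(desc):
    """'([BLjavax/crypto/Cipher;)[B' -> (['byte[]', 'javax.crypto.Cipher'], 'byte[]')."""
    if not desc.startswith("("):
        raise ValueError("method descriptor must start with '('")
    pos, params = 1, []
    while desc[pos] != ")":
        name, pos = parse_type(desc, pos)
        params.append(name)
    ret, pos = parse_type(desc, pos + 1)
    if pos != len(desc):
        raise ValueError("trailing characters after return type")
    return params, ret

# invoke-kind {regs}, Lclass;->name(descriptor)ret
INVOKE_RE = re.compile(r"^(invoke-[\w/]+)\s+\{([^}]*)\},\s*(L[^;]+;)->([^(]+)(\(.*)$")
def parse_invoke(line):
    """Turn one smali invoke-* instruction into a readable dict."""
    m = INVOKE_RE.match(line.strip())
    if not m:
        raise ValueError(f"not an invoke instruction: {line!r}")
    opcode, regs, cls, method, desc = m.groups()
    params, ret = parse_method_descriptor(desc)
    return {"opcode": opcode, "method": method, "params": params, "returns": ret,
            "class": cls[1:-1].replace("/", "."),
            "registers": [r.strip() for r in regs.split(",") if r.strip()]}

# Constructed sample: the instruction quoted on the slide, joined onto one line.
SAMPLE = ("invoke-static {p0, v1, v0}, Lcom/kobobooks/android/f/i;"
          "->a([BLjavax/crypto/Cipher;Ljavax/crypto/SecretKey;)[B")
```

parse_invoke(SAMPLE) reports the call as com.kobobooks.android.f.i.a(byte[], javax.crypto.Cipher, javax.crypto.SecretKey) returning byte[], which is the signature hint that led the search to the decryption routine.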
22. The search begins
grep -Ri javax.crypto...?
...Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
...so I'm searching for “AES”.
23. Bingo!...FAIL.
● Found a decryption!
● sqlite3 <kobo datadir>/databases/Kobo
● '.tables' + '.headers on'
● ParentContentID|...|DecryptKey|...
25. Moar reversing
● Who's calling my decryption?
● What other methods is it calling?
● Learn to read smali. It's a somewhat neat language.
● What data is it using?
● ...remote Dalvik debugging?
26. apktool
● Disassemble
● Modify (theme, patch, break...)
● Build (apktool b...)
● Sign (jarsigner)
● adb install hax.apk
● Uninstall the old version first
28. On the right track!
● Then: “Is it possible?”
● Now: “How to make it practical?”
● More patching: Dumping all parts of the key
● Caller of the decryption method creates the key
● Three strings as input
● Does some weirdass stuff, more on that later
33. Part Three: WTF Crypto
● Rijndael
● BouncyCastle AND own implementation
● I'm here to break, not question it.
● encrypt() and decrypt() have the same signature...
34. Putting the parts together
● Read chapter (cp /sdcard/Kobo/epubs ...)
● H(DeviceID || UserID)
● base64_decode(DecryptKey)
● D(encoded_decryptkey, hash_part)
● Clever (and common) from a DRM perspective
● D(chapter, decrypted_key)
36. Result: Kobopier
http://sporkbomb.eu/kobopier/
* Kobopier - a Kobo Android ePub DRM stripper
*
* You can reach the author at kobopier@acanthephyra.net.
* New versions of Kobopier will be made available at http://sporkbomb.eu/kobopier/.
*
* Important note: Kobopier is not made for piracy. It does not break any encryption,
* it simply replicates a few steps the original Android Kobo reader does.
* Please read the license below. Also, consider that it is YOUR responsibility to deal
* with any legal issues that arise from YOU using this tool.
* If you buy one copy of an ebook, decrypt it with this tool and then give it away,
* that's fine with me - but you alone are responsible if Kobo sues you.
*
* Copyright (C) 2011 sporkbomb