YoVDO

Abusing Google Play Billing for Fun and Unlimited Credits! - G. Lopes - Hack in Paris

Offered By: Hack in Paris via YouTube

Tags

Hack in Paris Courses Android Development Courses Cybersecurity Courses Vulnerability Analysis Courses Mobile Application Security Courses

Course Description

Overview

Explore a conference talk that delves into the vulnerabilities of Google Play Billing API and demonstrates how attackers can bypass payment processes in popular Android games. Learn about the billing workflow, known vulnerabilities, and real-world examples of compromised applications. Discover techniques used by developers to protect billing processes and how reverse engineering can still circumvent these measures. Gain insights into the number of vulnerable applications and compare Google's billing system with alternatives from Amazon and Samsung. Understand the implications for developers and users, and explore potential solutions to enhance security in mobile app transactions.

Syllabus

Introduction
Overview
Benefits for developers
How it works
Example
ProjectState
Verification
Secure Implementation
Google Documentation
Known Vulnerability
Modify Intent
Verify Process
ClientSide Fix
Steps
Do the Jump
Demo
Snoopy Pop
Proof
Java Native Interface
Shell Library
Conclusion
Google Billing Library


Taught by

Hack in Paris

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network