YoVDO

Abusing Google Play Billing for Fun and Unlimited Credits! - G. Lopes - Hack in Paris

Offered By: Hack in Paris via YouTube

Tags

Hack in Paris Courses Android Development Courses Cybersecurity Courses Vulnerability Analysis Courses Mobile Application Security Courses

Course Description

Overview

Explore a conference talk that delves into the vulnerabilities of Google Play Billing API and demonstrates how attackers can bypass payment processes in popular Android games. Learn about the billing workflow, known vulnerabilities, and real-world examples of compromised applications. Discover techniques used by developers to protect billing processes and how reverse engineering can still circumvent these measures. Gain insights into the number of vulnerable applications and compare Google's billing system with alternatives from Amazon and Samsung. Understand the implications for developers and users, and explore potential solutions to enhance security in mobile app transactions.

Syllabus

Introduction
Overview
Benefits for developers
How it works
Example
ProjectState
Verification
Secure Implementation
Google Documentation
Known Vulnerability
Modify Intent
Verify Process
ClientSide Fix
Steps
Do the Jump
Demo
Snoopy Pop
Proof
Java Native Interface
Shell Library
Conclusion
Google Billing Library


Taught by

Hack in Paris

Related Courses

Creative, Serious and Playful Science of Android Apps
University of Illinois at Urbana-Champaign via Coursera Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera Android. Programación de Aplicaciones
Miríadax Programming Mobile Applications for Android Handheld Systems: Part 1
University of Maryland, College Park via Coursera Begin Programming: Build Your First Mobile Game
University of Reading via FutureLearn