[owasp_seraphimdroid_project] Questions regarding warnings and logs, location

Nikola Milosevic nikola.milosevic at owasp.org
Sun Mar 20 14:36:23 UTC 2016


Hello Johanna,

I am not sure whether you are aware, there is some kind of user guide
http://inspiratron.org/OWASPSeraphimdroid/SeraphimdroidDocumentation.pdf
and it starts on 11th page on the document (in the beginning is some
architecture overview, which may be better off in separate document,
however, this is the current state of affairs.

Regarding your question, please make sure you entered the app at least once
after installing it. There are SMS logs. You can find them under menu and
blocker logs. There are 3 tabs, for blocked SMS, USSD and calls. However,
if the SMS is sent you should see a notification with OWASP logo saying
that there is potentially malicious SMS sent from the device, or something
similar. Similar should happen when you install malicious app if
Seraphimdroid recognizes it. What should happen is that app is run through
the classifier and if it is classified as potentially malicious it should
fire notification. However, you can check as well how your apps are
classified when you open permission scanner (again from the app menu). If
there is green square next to app name, classifier thought it is ok, if it
is red it thinks it is malicious.

Also you may want to have a look at settings menu. There are some options
regarding which calls/SMS/USSD codes should be let go, which should be
stopped, some settings for blacklists and remote control features.



Pozdrav/Best regards,

Nikola Milošević
OWASP Seraphimdroid project leader
nikola.milosevic at owasp.org
OWASP - Open Web Application Security Project
<https://www.owasp.org/index.php/Main_Page>
OWASP Seraphimdroid Project
<https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project>

On Sun, Mar 20, 2016 at 2:33 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> Hi All
>
> I finalised a first round of testing with SeraphimDroid, you can see my
> experience here:
>
> http://cybersecuritywarrior.blogspot.com/2016/03/continued-saga-with-seraphimdroid.html
>
> Based on it, I have some questions:
> Where are warnings shown?
> In case of infection, were can I confirm that information(any forms of
> logs , reports)
>
> Cheers
>
> Johanna Curiel
>
> _______________________________________________
> Owasp_seraphimdroid_project mailing list
> Owasp_seraphimdroid_project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp_seraphimdroid_project
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_seraphimdroid_project/attachments/20160320/18455ba8/attachment.html>


More information about the Owasp_seraphimdroid_project mailing list